Backup security: Why same keys to backup and restore?

security backup encryption

All crypto prodcuts use symmetric keys to encrypt data. RSA operations are so slow in practice that no sane person ever use them to ecnrypt/decrypt data. All RSA based encryption schemes use a symmetric key to encrypt the data and encrypt the symmetric key with the RSA key. The addition of an RSA operation allows to digitally sign the data and/or to safely exchange the symmetric key with a remote site.

For the typical backup restore scenario there is absolutely 0 (zero) benefit from using RSA operations (more correctly: I don't see any benefit). More precisely, there is no need sign the backup with a private key for authentication purposes, and there is no need to encrypt the encryption key with a public key for key transport/exchange purposes. Using RSA keys would simply add complexity and operational risks but would offer no additional benefits.

The only RSA key usage for a backup/restore scenario I can think of right now is if a hardware module is involved (ie. the backup operator must enter the smart-badge into the reader to open the backup file).

Related

Multicast in Rackspace cloud
Managed Switch Question?
How to mount a drive on startup in Ubuntu?
How GZipped contents are transfered on the web?
WebDav rename fails on an Apache mod_dav install behind NginX
Moving Server to new Hardware - SBS 2008
Bought a 1U server, now can't find rails
Which free RDBMS is best for small in-house development? [closed]
Exporting a VM running as a Domain Controller
Difference between RPM (yum) and apt-get
Nginx fastcgi problems with django (double slashes in url?)
Ubuntu hangs on boot when NFS-mounting entries in /etc/fstab, but they mount cleanly otherwise