Is it safe to rename file.gpg to `md5sum file`?

vedaal at nym.hush.com vedaal at nym.hush.com
Thu Dec 6 01:07:15 CET 2012


Ben Staude sben1783 at yahoo.de wrote on
Wed Dec 5 22:39:04 CET 2012 :

> Well I do *not* want to reveal my private paths/filenames in the remote 
backup location. I won't upload the summary file as plaintext, but maybe 
encrypted as contents.gpg or the like. So I need another identifier for 
each file and some sort of mapping. That's why I came up with the md5sum 
of the files contents in the first place - I already have the mapping 
table (the summary file). If that's no good idea, I will probably just 
use a GUID for each file and create a separate mapping table (which also 
won't get uploaded without encryption:)

=====

If you don't mind *really. really long* entries  ;-)  in your re-naming table, 
you can do something like the following, and never have to worry about the mapping table getting lost.

Encrypt the actual filename symmetrically,  add the resulting ciphertext to the end of the file, and then save the resultant encrypted file with encrypted ciphertext as fn1.asc and the ciphertext of the filename in the mapping table for fn1.asc

i.e.

after doing 
gpg --cipher-algo AES256 -c -a real_filename

resulting in something like:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.12 (Cygwin)

LONG/ASCII/Armored/CIPHERTEXT
=checksum
-----END PGP MESSAGE-----


do

$ printf "real_filename" | gpg --cipher-algo AES256 -c -a

Resulting in

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.12 (Cygwin)

jA0ECQMCMu4SzytLjoFg0kIBlWVEKygTWNEjNi/sc/Anvc10SokQC9X6k2GZz1py
a+GzL+/HcUkg8P97d197FGyqpPghYMqEcp6CtYpn6zYkVew=
=Yv5u
-----END PGP MESSAGE-----

(passphrase; sss)

Add the above ciphertext, with the header and footer intact,  to the bottom of the ciphertext of the encrypted actual file, 

i.e.

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.12 (Cygwin)

LONG/ASCII/Armored/CIPHERTEXT
=checksum
-----END PGP MESSAGE-----

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.12 (Cygwin)
Comment: encrypted real filename of above encrypted file

jA0ECQMCMu4SzytLjoFg0kIBlWVEKygTWNEjNi/sc/Anvc10SokQC9X6k2GZz1py
a+GzL+/HcUkg8P97d197FGyqpPghYMqEcp6CtYpn6zYkVew=
=Yv5u
-----END PGP MESSAGE-----

and save the whole thing as fn1.asc, and similarly, for the rest, as fn2.asc, fn3.asc, ... ,  fnn.asc .

In your mapping table, 
fn1.asc    would be   jA0ECQMCMu4SzytLjoFg0kIBlWVEKygTWNEjNi/sc/Anvc10SokQC9X6k2GZz1py
a+GzL+/HcUkg8P97d197FGyqpPghYMqEcp6CtYpn6zYkVew=
=Yv5u

If your mapping table ever gets lost, you can easily recover the filename by decrypting the added ciphertext at the end of each encrypted file.


vedaal




More information about the Gnupg-users mailing list