Skip to content

Borg 2.0

TW edited this page Sep 16, 2022 · 5 revisions

Note: This page could be outdated. Look at the page history to see when it was last updated.

Status: implementing
Time frame: n/a

Development Goals

  • Encryption: get rid of AES-CTR mode and use "session keys". This is mainly motivated by:
    1. With AES-CTR and a global AES + MAC key one has to track the counter values perfectly to avoid leaking XORed plaintexts. This means extra synchronization and complexity between clients (and in a multi-threaded environment, between threads).
    2. Using separate "session keys" in multiple threads makes multi-threading easier. Also, one can just start from 0 for the IVs of each session key.
    3. Data encrypted using "session keys" could be more easily moved between repositories, which would allow efficient replication. This is not possible with a global CTR, since it may never repeat
    4. Using "session keys" could allow to freely choose from a set of encryption algorithms - one algorithm is not the best for all machines.
  • use more modern / faster AEAD ciphers: AES-OCB and chacha20-poly1305
  • use a more modern KDF: argon2
  • concept of related repositories: using same chunker secret and id-hash key material.
  • borg transfer: enables copying archives from one repo to another related repository.
  • clean up the CLI
Clone this wiki locally