cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Synchronizing encrypted files

Labels:

Synchronizing encrypted files

xtremebytes
Explorer | Level 3
‎03-21-2018 01:36 AM
Go to solution

Hi, here is a synchronization problem.

 

I have a list of files. Each is encrypted using a AES block cipher in CTR (counter) mode with its own password, a salt and an initialisation vector, where the latter two are randomly chosen at the time of encryption. What that means is that E(A, k1)_t0 is going to look very different from E(A, k2)_t1 even though A has not changed (where E(M, k)_t is the AES CTR mode encryption of plaintext M at time t with some encryption key k).

 

If the file has actually changed from A to A + delta_A, then it is not easy to detect the delta change in the encrypted domain. This is because the initialisation vector and salt are different every time, resulting in a ciphertext that is entirely different even for a single bit change. Thus, one cannot just patch separate blocks of the ciphertext and expect the decryption to work.

 

Assuming the file names on both the local and the Dropbox server side are the same, what I could do:

  1. Compute the Dropbox content hash on the local file.
  2. Request the metadata of the remote file (without downloading it), and obtain the remote content hash.
  3. If the two content hashes mismatch, then compare the local write time with the ServerModifed time on the remote metadata.
    1. If the local write time is newer than the remote version then upload the file to Dropbox.
    2. If the local write time is older then overwrite the local version with the remote version.

The strategies in 3.1 and 3.2 create a problem when the Dropbox version is say, A + delta1_A and the local version is A + delta2_A, i.e., both sides have been modified but we cannot tell how to merge the deltas in the encrypted domain. One constraint here: decrypting both files locally and comparing and applying deltas is not an option I am willing to take, for various application specific reasons.

 

Question 1: Is my only synchronisation strategy to ask the user in both cases, which copy the user wants to keep?

 

Question 2: Is there a better way to compare files to detect the newer one instead of comparing with their write times when the content hashes mismatch? Can I compare Dropbox file revisions numerically? How can I compute the local revision of a file? Or, is comparing local write time and ServerModified time a reasonable idea?

 

Thank you!

Labels:
  • 0 Likes
  • 2 Replies
  • 1,989 Views
0 Likes
1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
‎03-21-2018 08:56 AM
Go to solution
1: This sounds more like a product decision, so we can't offer a "right" answer. For comparison, Dropbox has to deal with essentially the same scenario. That is, when both the local and remote copies of a file have changed before the file could be synced. Dropbox creates "conflicted copies" in this case, in order to make sure neither version of the data is lost, and to let the user themselves decide which (or both or neither) to keep, since Dropbox can't know which one(s) they actually want.

2: Using the modified time isn't necessarily recommended for this, as clocks can differ. The Dropbox API offers two things you can use: a) the content hash, to confirm the exact data, and b) the file "rev". You can store the last known rev and compare it to the current remote rev. If the rev changed, you know that the content may have changed. If the rev hasn't changed, you know that the content did not change. The rev can't be locally computed though.

View solution in original post

0 Likes
2 Replies 2

Greg-DB
Dropbox Staff
‎03-21-2018 08:56 AM
Go to solution
1: This sounds more like a product decision, so we can't offer a "right" answer. For comparison, Dropbox has to deal with essentially the same scenario. That is, when both the local and remote copies of a file have changed before the file could be synced. Dropbox creates "conflicted copies" in this case, in order to make sure neither version of the data is lost, and to let the user themselves decide which (or both or neither) to keep, since Dropbox can't know which one(s) they actually want.

2: Using the modified time isn't necessarily recommended for this, as clocks can differ. The Dropbox API offers two things you can use: a) the content hash, to confirm the exact data, and b) the file "rev". You can store the last known rev and compare it to the current remote rev. If the rev changed, you know that the content may have changed. If the rev hasn't changed, you know that the content did not change. The rev can't be locally computed though.
0 Likes

xtremebytes
Explorer | Level 3
‎03-21-2018 05:47 PM
Go to solution
Thanks very much for the clarification.
0 Likes
Need more support?