Hi. I really enjoy using Syncthing and was pleased to find support for encrypted data on untrusted devices.
I was wondering what's the best flow to handle encryption key rotation (on a regular basis or on demand, if keys appear to be compromised).
Right now it looks like the only way to do that would be like this:
Assuming 2 devices, a trusted one TD and an untrusted one UD.
- Remove (within Syncthing) the affected folders on UD
- Really delete (outside Syncthing) the folders on UD
- Initiate a new sharing of the affected folders on TD, while using a new folder encryption key.
- Accept the new shares on UD.
These are quite a few steps, which also include a full sync of all the data. The re-transfer cannot be avoided I guess, because the untrusted device is not supposed to know the key to re-encrypt data without a re-transfer.
Anyway, primarily I want to know if my steps to rotate keys make sense and if someone already thought about a solution to make key rotation a bit easier. If not I might think about this a bit more.
Best, Oben
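The four rotation steps above, sketched as shell functions driving Syncthing's REST API with curl. This is an added example, not code from the post or from the Syncthing project. It assumes the GUI/REST API is reachable at `$ST_URL` with API key `$ST_API_KEY`, that `jq` is installed on the trusted device, that the folder config's per-device entries carry an `encryptionPassword` field, and that the untrusted side accepts the share by adding the folder with type `receiveencrypted`; the device IDs, folder ID and paths are placeholders. Check the endpoint details against the REST documentation of your Syncthing version before running it for real.

```shell
#!/bin/sh
# Added example (not from the original post): the four key-rotation steps as
# shell functions around Syncthing's REST API. All endpoints, field names and
# IDs below are assumptions to verify against your Syncthing version's docs.
set -eu

ST_URL="${ST_URL:-http://127.0.0.1:8384}"   # assumed default GUI/REST address

# Generate a fresh folder password: 32 random bytes rendered as 64 hex chars.
# The old password is never reused, which is the point of a rotation.
new_folder_password() {
    head -c 32 /dev/urandom | od -An -v -tx1 | tr -d ' \n'
}

# Sanity check a candidate password: exactly 64 lowercase hex characters.
is_valid_password() {
    case "$1" in
        *[!0-9a-f]*) return 1 ;;
    esac
    [ "${#1}" -eq 64 ]
}

# Minimal REST helper: st_api METHOD PATH [JSON-BODY]
st_api() {
    method=$1; path=$2; body=${3:-}
    if [ -n "$body" ]; then
        curl -sS -X "$method" -H "X-API-Key: $ST_API_KEY" \
             -H 'Content-Type: application/json' --data "$body" "$ST_URL$path"
    else
        curl -sS -X "$method" -H "X-API-Key: $ST_API_KEY" "$ST_URL$path"
    fi
}

# Step 1 (run against UD): remove the folder from Syncthing's config.
# Syncthing leaves the data on disk; step 2 handles that.
remove_folder_on_ud() {
    st_api DELETE "/rest/config/folders/$1"
}

# Step 2 (run on UD, outside Syncthing): delete the encrypted folder contents.
# Refuses an empty path so a mis-set variable cannot turn into "rm -rf /".
purge_folder_data_on_ud() {
    [ -n "$1" ] && [ -d "$1" ] || { echo "refusing to purge '$1'" >&2; return 1; }
    rm -rf -- "$1"
}

# Step 3 (run against TD): set a new encryptionPassword for UD on the folder.
# Fetch the folder config, rewrite UD's device entry, write it back.
rotate_password_on_td() {
    folder=$1; ud_device=$2; new_pw=$3
    current=$(st_api GET "/rest/config/folders/$folder")
    updated=$(printf '%s' "$current" | jq --arg d "$ud_device" --arg p "$new_pw" \
        '.devices |= map(if .deviceID == $d then .encryptionPassword = $p else . end)')
    st_api PUT "/rest/config/folders/$folder" "$updated"
}

# Step 4 (run against UD): accept the share by adding the folder as a
# receive-encrypted folder shared with TD. UD never sees the password.
accept_share_on_ud() {
    folder=$1; local_path=$2; td_device=$3
    st_api POST /rest/config/folders "$(printf \
        '{"id":"%s","label":"%s","path":"%s","type":"receiveencrypted","devices":[{"deviceID":"%s"}]}' \
        "$folder" "$folder" "$local_path" "$td_device")"
}

# Example driver; only runs when the operator sets ROTATE=1, so sourcing the
# file to reuse the functions has no side effects.
if [ "${ROTATE:-0}" = 1 ]; then
    pw=$(new_folder_password)
    is_valid_password "$pw"
    # Against UD's API:
    remove_folder_on_ud "FOLDER-ID-PLACEHOLDER"
    purge_folder_data_on_ud "/path/on/UD/FOLDER-ID-PLACEHOLDER"
    # Against TD's API (point ST_URL/ST_API_KEY at TD first):
    rotate_password_on_td "FOLDER-ID-PLACEHOLDER" "UD-DEVICE-ID-PLACEHOLDER" "$pw"
    # Back against UD's API:
    accept_share_on_ud "FOLDER-ID-PLACEHOLDER" "/path/on/UD/FOLDER-ID-PLACEHOLDER" "TD-DEVICE-ID-PLACEHOLDER"
    echo "rotated; store the new password somewhere safe: $pw"
fi
```

The driver keeps the steps in the post's order, so the untrusted device has no folder and no data on disk at the moment the trusted side switches passwords, and the full re-transfer the post mentions then happens on the fresh share. Because `ST_URL` and `ST_API_KEY` point at one device at a time, a real run re-exports them between the UD and TD steps.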