Rotate encryption keys for folders on untrusted devices

Hi. I really enjoy using Syncthing and was pleased to find support for encrypted data on untrusted devices.

I was wondering what’s the best flow to handle encryption key rotation (on a regular basis, or on demand if keys appear to be compromised).

Right now it looks like the only way to do that would be like this:

Assuming two devices: a trusted one, TD, and an untrusted one, UD.

  1. Remove (within Syncthing) the affected folders on UD
  2. Really delete (outside Syncthing) the folders on UD
  3. Initiate a new sharing of the affected folders on TD, while using a new folder encryption key.
  4. Accept the new shares on UD.

These are quite a few steps, which also include a full sync of all the data. The re-transfer cannot be avoided, I guess, because the untrusted device is not supposed to know the key to re-encrypt data without a re-transfer.

Anyway, primarily I want to know if my steps to rotate keys make sense and if someone already thought about a solution to make key rotation a bit easier. If not I might think about this a bit more.

Best, Oben
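The four steps above, driven through Syncthing's REST configuration API instead of the GUI, as an added example that is not code from the original post or from the Syncthing project. It assumes the documented `/rest/config/folders` and `/rest/config/folders/<id>` endpoints with `X-API-Key` authentication, a per-device `encryptionPassword` field in the folder's device list on the trusted side, and the `receiveencrypted` folder type on the untrusted side. Host names, API keys, device IDs and paths are placeholders; the `wipe` callback is an assumed hook for the out-of-Syncthing deletion in step 2 and must run where the encrypted data actually lives.

```python
import json
import secrets
import shutil
import urllib.request


class SyncthingApi:
    """Minimal client for the Syncthing REST config API (X-API-Key auth)."""

    def __init__(self, base_url, api_key, transport=None):
        self.base_url = base_url.rstrip("/")
        self.api_key = api_key
        # transport(method, path, body) -> decoded JSON; swappable for dry runs/tests
        self.transport = transport or self._http

    def _http(self, method, path, body):
        data = None if body is None else json.dumps(body).encode()
        req = urllib.request.Request(
            self.base_url + path, data=data, method=method,
            headers={"X-API-Key": self.api_key, "Content-Type": "application/json"},
        )
        with urllib.request.urlopen(req) as resp:
            raw = resp.read()
        return json.loads(raw) if raw else None

    def call(self, method, path, body=None):
        return self.transport(method, path, body)


def new_folder_password(nbytes=32):
    """Fresh random folder password, generated on the trusted side only."""
    return secrets.token_urlsafe(nbytes)


def rotate_folder_password(trusted, untrusted, folder_id, trusted_device_id,
                           untrusted_device_id, untrusted_path, new_password,
                           wipe=shutil.rmtree):
    """Replay the four manual rotation steps against TD and UD; returns the new password."""
    # Sanity check: the share with UD must already be an encrypted one. If TD
    # never set a password for UD, UD has been holding plaintext and a
    # password change does not undo that.
    folder = trusted.call("GET", f"/rest/config/folders/{folder_id}")
    entry = next((d for d in folder["devices"] if d["deviceID"] == untrusted_device_id), None)
    if entry is None:
        raise ValueError(f"folder {folder_id} is not shared with {untrusted_device_id}")
    if not entry.get("encryptionPassword"):
        raise ValueError(f"folder {folder_id} is shared with {untrusted_device_id} unencrypted")

    # Step 1: remove the folder from UD's Syncthing configuration.
    untrusted.call("DELETE", f"/rest/config/folders/{folder_id}")
    # Step 2: delete the old ciphertext outside Syncthing (assumed hook; runs on UD).
    wipe(untrusted_path)
    # Step 3: on TD, keep the share but replace the password for UD's entry.
    entry["encryptionPassword"] = new_password
    trusted.call("PUT", f"/rest/config/folders/{folder_id}", folder)
    # Step 4: on UD, accept the share again as a receive-encrypted folder at a clean path.
    untrusted.call("POST", "/rest/config/folders", {
        "id": folder_id,
        "label": folder.get("label", folder_id),
        "path": untrusted_path,
        "type": "receiveencrypted",
        "devices": [{"deviceID": trusted_device_id}],
    })
    return new_password


if __name__ == "__main__":
    # Placeholder endpoints and IDs; fill in from the two devices' GUIs.
    td = SyncthingApi("http://td.example:8384", "TD-API-KEY")
    ud = SyncthingApi("http://ud.example:8384", "UD-API-KEY")
    rotate_folder_password(td, ud, "docs", "TD-DEVICE-ID", "UD-DEVICE-ID",
                           "/srv/encrypted/docs", new_folder_password())
```

The order matters: UD's folder is removed and its data wiped before TD's password changes, so TD never sees the old ciphertext under the new password. The full re-transfer the post mentions still happens, because nothing here lets UD re-encrypt in place.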

That sounds like reasonable steps to me. Obviously all data is dependent on the chosen password so changing it requires removing and resyncing everything.

(You talk about “encryption keys” though, of which there are many in this setup. Each file gets its own and so on. Renaming a file is enough to rotate the key in that sense, but it’s still derived from the folder password.)