What is the difference between Rclone and OpenSSL based encryption?
PhotoSync offers Rclone and OpenSSL compatible encryption for Client-Side Encryption. Both are very safe options to protect your data and offer specific advantages based on your usage scenario.
We recommend Rclone based encryption for the following use cases:
- You want to use encryption / decryption only within PhotoSync. In this case the Rclone option provides the best performance and security
- You want to access encrypted photos & videos also on your Mac, Windows or Linux PC or NAS in a convenient way and are able to install the Rclone command line tool on your computer
- You want to mount your encrypted photos & videos as a dedicated drive on your computer for the most seamless user experience
- You already use Rclone
We recommend OpenSSL based encryption for the following use cases:
- You cannot install any software (like the Rclone command line tool) on your device, but it has the OpenSSL command pre-installed
- You want to develop your own scripts for decryption or want to integrate decryption into your own software
Therefore, we generally recommend using Rclone based encryption unless you have specific requirements in your workflow that require using OpenSSL based encryption.
Technical comparison between Rclone and OpenSSL based encryption
|Feature||Rclone Crypt||OpenSSL comptabile|
|Cryptographic Algorithm||NaCl SecretBox (XSalsa20 & Poly1305)||AES-256-CBC|
|Key Derivation Hash Function||scrypt (16384 iterations, not configurable)||PBKDF2 (600000 iterations, configurable). SHA256 and MD5 configurable as alternative|
|Authenticated Encryption (AE)||Yes||No|
|Encryption of File Names / Directory Names||Available (configurable)||No|
|Decryption without using PhotoSync||Convenient (use Rclone command line program to decrypt and also access NAS, cloud services)||Possible (OpenSSL command line utility)|