How does Duplicati secure against poisoned backups?

Sorry I’m just a casual autodidact teaching myself cybersecurity and computers but I wonder: for example someone poisons your duplicati backup files in the cloud(be it personal or private), how does Duplicati protect against leaking your encryption password for the backup files when it runs backups? Is there like a header that exists that Duplicati downloads and decrypts offline or whatever? Sorry for the newbie question I’m learning about more advanced concepts in security but I completely overlooked this really basic one in netsec.

Your encryption password never leaves your computer. Only the encrypted files are sent to the backup destination.

Duplicati checks the locally stored file hash value with each downloaded file and if it does not match then the file has been modified, corrupted or encountered a problem while downloading.


This is one reason why feature requests to store the configuration with the backup (as a convenience and protection against loss of configuration, e.g. by a disaster to source system) must be handled carefully…

On top of the mentioned hash value (SHA-256), those who encrypt the data get protection from the HMAC stored in the AES File Format used by Duplicati. The SharpAESCrypt code is supposed to verify integrity:

or say

1 Like

Thank you all so much everyone. I hope this thread helps other future users of this great program.