Which AES256 does Duplicati use?

I have all these options below. How do I decyrpt the files without Duplicati?

-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-gcm

You need Duplicati to read the backup data. It’s more than just encrypted - the backup data has been deduplicated and compressed, too. You need the Duplicati software to “undo” this and recover your data files in their original format.

1 Like

Sounds like you might also be interested in this:

1 Like

But to more directly answer your question, it appears the AES library that Duplicati uses implements CBC mode.

I was able to decrypt a Duplicati back up file by using the included SharpAESCrypt.exe program:

SharpAESCrypt.exe d "my_encryption_key" duplicati-xxxxxx.dlist.zip.aes test.zip

I could then view test.zip and extract its contents.

But remember - you can’t recover your original files using this method. You should use Duplicati or maybe that perl script @JonMikelV mentioned would also work.

If you want a backup product that stores all backup data in the original formats you will need to use a different program for doing your backup. But you will not have efficient versioning, retention, etc., like what you get with Duplicati.

Good luck!


SharpAESCrypt.exe (which is installed alongside Duplicati) is C# code to do AES Crypt format. As people have noted, there’s no direct human-friendly match to source files. How the backup process works gives details, and Duplicati.CommandLine.RecoveryTool.exe can do the download, decrypt, and restore of source if you have to, however if the Duplicati OAuth Handler disappears, some destination types will have to download in other ways (whatever the service has), then decrypt manually (AES Crypt can do all of them at once), then use Python for last-resort restore (after the four-or-so better ways to do this have been exhausted). Don’t lose passwords. :wink:


Others have responde with correct answers, I just wanted to clarify that Duplicati does use AES256 CBC, but this is just the core algorithm and not an encryption (file-) format.

Duplicati uses the AES Crypt format as mentioned by @ts678, which includes a key deriviation method, header format, bulk key, and HMAC specifications. Even though you could use AES 256 directly, doing so would lead to a number of security issues.

Put another way, you cannot simply decrypt the files with just an AES-256 algorithm, you need to at least perform these steps:

  1. Derive key from password
  2. Read IV from file
  3. Read and decrypt bulk Key+IV from file
  4. Read and decrypt contents
  5. Optionally, verify the HMAC to ensure contents are not altered

Fortunately, there exists an AES Crypt implementation on all platforms which does exactly this.

Thanks for the info.