Fact-checked by Grok 2 weeks ago

Colin Percival

Colin Percival is a Canadian computer scientist and software engineer specializing in cryptography, computer security, and open-source software development, best known for creating the scrypt key derivation function, founding the secure backup service Tarsnap, and his longstanding contributions to the FreeBSD operating system. Born around 1982, Percival demonstrated prodigious talent early in life by entering Simon Fraser University at age 13 to study mathematics, from which he graduated with a B.Sc. in 2001. As a 17-year-old undergraduate in 1998, he organized the PiHex distributed computing project, utilizing idle time on nearly 1,250 computers worldwide to calculate the five trillionth binary digit of π, a record at the time for accessing such a distant digit without computing all preceding ones. He then pursued graduate studies at the University of Oxford, earning a D.Phil. in Computer Science in 2006 with a thesis titled Matching with Mismatches and Assorted Applications, which explored algorithmic problems including aspects of string matching and early cryptographic considerations. Percival's work in cryptography gained prominence in 2005 with his presentation "Cache Missing for Fun and Profit" at BSDCan, where he demonstrated practical side-channel attacks exploiting shared CPU caches to extract cryptographic keys from co-resident processes, influencing subsequent research on timing-based vulnerabilities. In 2009, he developed scrypt, a memory-hard key derivation function designed to resist hardware-accelerated brute-force attacks on passwords, which has been standardized in RFC 7914 and widely adopted in secure systems like Tarsnap. Since 2004, he has been a FreeBSD committer, developing tools such as FreeBSD Update for secure system patching and Portsnap for efficient ports tree management; he served as FreeBSD Security Officer from 2005 until becoming Security Officer Emeritus around 2013, and maintains the FreeBSD/EC2 port. In March 2024, Percival assumed the role of Release Engineering Team Lead for the FreeBSD Project, overseeing release processes and support timelines. Additionally, as an early adopter of Amazon Web Services, he was named an AWS Community Hero in 2019 for his efforts in porting and optimizing FreeBSD on AWS infrastructure.

Early life and education

Childhood and early academic interests

Colin Percival was born around 1982 in Burnaby, British Columbia, Canada. From an early age, he exhibited remarkable aptitude for mathematics, participating in competitions such as the Canadian Mathematical Olympiad, where he placed fifth in 1995 and earned an honorable mention in 1996 while attending Burnaby Central Secondary School. This led to enrolling in university-level courses at Simon Fraser University (SFU) at the age of 13 while remaining a student at Burnaby Central Secondary School. This precocious entry into advanced studies allowed Percival to pursue challenging mathematical topics alongside his high school curriculum, fostering his passion for abstract problem-solving. His talents were further showcased through participation in prestigious competitions, including the 1999 William Lowell Putnam Mathematical Competition, where, as an undergraduate, he ranked among the top six participants nationwide, earning recognition as a Putnam Fellow. In addition to mathematics, Percival developed an early interest in computing as a means to tackle complex problems, leading him to self-educate in programming. At age 17, he created PiHex, a distributed computing tool that enabled volunteers worldwide to contribute processing power for calculating binary digits of π, culminating in the computation of the five-trillionth binary digit—a feat accomplished using 25 workstations over several months. This project highlighted his innovative approach to leveraging technology for mathematical exploration. Percival later transitioned to formal undergraduate enrollment at SFU, building on these foundational experiences.

Undergraduate studies

Percival enrolled in the mathematics program at Simon Fraser University (SFU) at the age of 13 in 1995, allowing him to pursue advanced undergraduate studies significantly earlier than typical students. This precocious entry was facilitated by his exceptional aptitude, demonstrated through prior high school achievements that qualified him for university-level mathematics courses while still in secondary school. He completed a Bachelor of Science (B.Sc.) in Mathematics in 2001, following an accelerated academic path that leveraged his early enrollment and advanced preparatory coursework. During his time at SFU, Percival engaged with a rigorous curriculum in pure mathematics, building foundational knowledge in areas such as algebra, analysis, and number theory, which were essential for his later research pursuits. His mathematical prowess was recognized through outstanding performance in the William Lowell Putnam Mathematical Competition; in 1998 and 1999, he ranked among the top individual scorers, contributing to SFU's strong team showings. In addition to theoretical mathematics, Percival developed early computing skills through hands-on university projects that integrated programming with mathematical computation. A notable example was his leadership of the PiHex project from 1998 to 2000, a distributed computing initiative that harnessed idle time on approximately 25 volunteer computers worldwide to calculate specific binary digits of π—specifically, the five-trillionth binary digit—using algorithms like the Bailey-Borwein-Plouffe formula. This effort not only showcased his programming abilities in implementing efficient, parallelizable numerical algorithms but also highlighted his innovative approach to large-scale computation as an undergraduate. Percival's undergraduate achievements positioned him for advanced opportunities, including the receipt of a Commonwealth Scholarship that supported his transition to graduate studies at the University of Oxford.

Graduate studies

Following his undergraduate studies, Percival was awarded a Commonwealth Scholarship by the Commonwealth Scholarship Commission in the United Kingdom, which funded his doctoral research at the University of Oxford. This support enabled him to enroll in the D.Phil. program in Computer Science, where he completed his degree in 2006. His strong mathematical foundation from Simon Fraser University proved instrumental in facilitating this transition to advanced computational research. Percival's doctoral thesis, titled Matching with Mismatches and Assorted Applications, was submitted to Wadham College at the University of Oxford. Supervised by faculty in the Department of Computer Science, the work centered on algorithmic solutions to pattern matching problems that accommodate errors, such as substitutions, insertions, and deletions in strings. These mismatch-tolerant approaches aimed to efficiently locate approximate substrings within large datasets, outperforming prior methods in speed for practical error rates by leveraging randomized techniques. The thesis divided its exploration into interconnected parts, emphasizing applications of these algorithms in computer science domains. Core ideas included developing indexed search methods for rapid mismatch detection, which were applied to delta compression—generating compact differences between files, particularly executables—to minimize storage and transmission costs in software updates. Further extensions addressed universal delta compression using error-correcting codes, enabling robust file synchronization across networks without requiring interactive feedback, thus handling diverse error patterns in real-world data scenarios. This research highlighted practical algorithmic innovations for data efficiency in distributed systems.

FreeBSD contributions

Development roles and leadership

Colin Percival joined the FreeBSD project as a developer in 2004. He was appointed FreeBSD Security Officer in August 2005, a role he held until May 2012, where he coordinated vulnerability assessments, response efforts, and information exchange within the security community and the project. During this period, Percival developed tools such as freebsd-update to support secure system maintenance. In 2010, he was elected to the FreeBSD Core Team, serving through 2012 and contributing to project governance, including setting overall goals, direction, and managing administrative decisions. On November 17, 2023, Percival was appointed Lead Release Engineer for the FreeBSD project, overseeing release schedules, quality assurance processes, and coordination of merge requests during code freezes. Percival has also contributed to FreeBSD community events, particularly BSDCan, through speaking engagements on topics like security and release engineering, as well as organizational roles in business operations and program coordination.

Key tools and utilities developed

One of Colin Percival's early contributions to FreeBSD was the development of bsdiff and bspatch in 2003–2004, a pair of utilities designed for generating and applying binary patches to files. These tools employ an algorithm based on suffix sorting to produce compact patches that capture differences between binary files, enabling efficient software updates with significantly smaller patch sizes compared to text-based diff methods. Bsdiff has been integrated into the FreeBSD base system and is widely used for its ability to handle large binaries, such as executables, with compression ratios often exceeding those of alternatives like xdelta. In 2005, Percival created freebsd-update, a utility that automates the fetching, verification, and installation of binary updates for FreeBSD base systems. This tool fetches update metadata and packages from official mirrors, verifies their integrity using checksums, and applies them without requiring a full system rebuild, streamlining maintenance for servers and desktops. Freebsd-update supports both minor security patches and major version upgrades, integrating seamlessly with FreeBSD's package management to ensure system stability and reduce administrative overhead. Percival introduced portsnap in 2004 as a secure mechanism for distributing snapshots of the FreeBSD Ports Collection, which contains build instructions for thousands of third-party applications. Portsnap downloads compressed, incrementally updated snapshots over HTTP, applies binary diffs using bsdiff for efficiency, and verifies authenticity through RSA digital signatures checked via OpenSSL against a trusted public key. This approach minimizes bandwidth usage—full initial downloads are around 100 MB, with updates often under 1 MB—and enhances security by preventing tampering, making it a preferred method for initializing and maintaining ports trees on remote systems. Percival also played a pivotal role in adapting FreeBSD for Amazon EC2 cloud instances starting in 2010, developing initial Amazon Machine Images (AMIs) that enabled seamless deployment of FreeBSD virtual machines. His work involved customizing the boot process, networking, and storage integration to leverage EC2's infrastructure, such as EBS volumes and instance metadata services, allowing FreeBSD users to run production workloads in the cloud with minimal configuration changes. This effort paved the way for official AWS support in 2012 and continues to facilitate FreeBSD's use in scalable environments.

Security and cryptography work

Notable security discoveries

In 2005, Colin Percival discovered a significant security vulnerability in Intel's hyper-threading technology, specifically in Pentium 4 processors, where shared L1 and L2 caches between logical processors enable cross-process information leakage through timing-based side-channel attacks. This flaw allows a malicious process running on one logical processor to infer sensitive data, such as cryptographic keys, from another process on the same physical core by monitoring cache access timings. Percival detailed this vulnerability in his paper "Cache Missing for Fun and Profit," presented at BSDCan 2005, which outlined the attack methodology involving cache line eviction by a "Trojan" process followed by timing measurements by a "spy" process to detect data-dependent memory accesses. The paper demonstrated practical exploitation, including a proof-of-concept implementation that extracted portions of RSA private keys—up to 310 out of 512 bits—from OpenSSL 0.9.7c running on FreeBSD 5.2.1, achieving covert channel bandwidths of approximately 400 KB/s for L1 cache and 100 KB/s for L2 cache with error rates under 25%. This analysis highlighted how hyper-threading's resource sharing undermines process isolation in multi-threaded environments, even across privilege boundaries. To mitigate the vulnerability, Percival recommended OS-level interventions, such as scheduling threads by privilege level to avoid co-location of sensitive and untrusted code on the same core, and flushing caches during context switches in systems like FreeBSD; he also suggested CPU designers implement thread-aware cache eviction policies and cryptographic libraries eliminate timing variations in memory access patterns. These recommendations were incorporated into FreeBSD's response, including patches to reduce exposure. The discovery had a profound impact on industry awareness of side-channel attacks in CPUs, earning a CVE identifier (CVE-2005-0109) and prompting advisories from CERT Coordination Center, which noted its applicability to FreeBSD, NetBSD, and SCO systems; the paper has since been cited over 1,000 times, influencing subsequent research on cache-based threats in simultaneous multithreading architectures. In December 2008, Percival identified a cryptographic vulnerability in Amazon Web Services' (AWS) signature version 1 used for authenticating Query (REST) requests to services such as EC2, SimpleDB, SQS, and S3. The flaw stemmed from improper canonicalization of query parameters, allowing attackers to modify requests without invalidating the signature, potentially enabling unauthorized actions like data access or resource manipulation. AWS acknowledged the issue and recommended migrating to signature version 2, which addressed the canonicalization problems. This discovery highlighted weaknesses in early cloud API security designs and contributed to improved authentication practices in cloud computing.

Cryptographic algorithms and implementations

In 2009, Colin Percival introduced scrypt, a password-based key derivation function (KDF) specifically engineered as a memory-hard algorithm to thwart brute-force attacks leveraging specialized hardware such as application-specific integrated circuits (ASICs). This design addressed limitations in prior KDFs like PBKDF2 and bcrypt, which were vulnerable to acceleration via cost-effective parallel hardware due to their low memory demands. By prioritizing sequential memory access, scrypt aims to impose proportional costs in both time and space for attackers, thereby elevating the economic barrier to large-scale password cracking. Scrypt operates as a sequential memory-hard function (SMF), building upon the PBKDF2 framework while incorporating a custom ROMix subroutine to enforce substantial memory usage. Specifically, it first applies PBKDF2 (using HMAC-SHA256) to generate multiple blocks from the input password and salt, then processes these blocks through the SMix function—which integrates ROMix with the Salsa20/8 core—to mix them in a manner that requires allocating and sequentially accessing a large array of intermediate values, typically on the order of 128 * N * r * p bytes of RAM where N, r, and p are tunable parameters controlling iterations, block size, and parallelism. The ROMix component, in particular, generates and randomly accesses N pseudorandom values derived from a hash function, ensuring that computations cannot be efficiently parallelized without redundant memory duplication, thus rendering ASIC or GPU-based attacks prohibitively expensive. Finally, a second PBKDF2 invocation derives the output key from the mixed blocks, yielding a robust key suitable for encryption or authentication. Percival formalized these concepts in his BSDCan 2009 presentation and accompanying paper, providing reference C implementations that have since been standardized in RFC 7914, co-authored by Percival in 2016. Scrypt has seen widespread adoption in cryptographic applications beyond key derivation. In cryptocurrency, Litecoin incorporated a simplified variant of scrypt as its proof-of-work algorithm upon launch in 2011, aiming to democratize mining by favoring memory-intensive computations over raw processing power. This choice influenced subsequent altcoins like Dogecoin, which also uses scrypt for its proof-of-work. Dogecoin's adoption highlights scrypt's role in promoting ASIC-resistant consensus mechanisms. In secure storage contexts, scrypt underpins encryption in tools like Tarsnap, where it derives keys for client-side backup protection. Additionally, Percival's reference implementation has been ported to FreeBSD via the ports collection, enabling its use in secure hashing and storage utilities within the operating system ecosystem.

Tarsnap and entrepreneurial ventures

Development of Tarsnap

Tarsnap, an open-source encrypted online backup service, was launched by Colin Percival in 2008 following initial development work that began in September 2006. Percival initiated the project to address the shortcomings of existing backup services, particularly their lack of robust security and verifiability for users prioritizing data privacy. The service was designed specifically for UNIX-like operating systems, including FreeBSD, Linux, and macOS, emphasizing client-side processing to ensure that sensitive operations remain under user control. The development of Tarsnap was motivated by Percival's expertise in security and his desire to create a backup system that provided "online backups for the truly paranoid," with a focus on preventing unauthorized access and ensuring data integrity through verifiable mechanisms. Drawing from his contributions to FreeBSD tools like bsdtar and libarchive, Percival implemented Tarsnap primarily in C to leverage existing portable libraries and ensure compatibility with FreeBSD environments from the outset. This foundation allowed for efficient handling of tar-format archives while integrating advanced cryptographic protections directly into the client software. Core technical features of Tarsnap include client-side deduplication, which splits data into variable-sized blocks using content-dependent chunking to minimize redundant uploads, identifying unique blocks via HMAC-SHA256 hashes for bandwidth efficiency. Strong encryption is applied client-side, with data blocks protected using random 256-bit AES keys that are themselves encrypted with a 2048-bit RSA key pair, and optional passphrase protection for key files derived using the scrypt function. Uploads are optimized for low bandwidth by only transmitting new or changed chunks, combined with compression where applicable, ensuring that the service scales efficiently for incremental backups. Unique aspects of Tarsnap's design include its support for snapshot-based backups, achieved through reference-counted block management that allows multiple versions of data to share common chunks without duplicating storage. Auditability is enhanced by cryptographic proofs, such as archive signatures using RSA and SHA-256 within a Merkle hash tree structure, enabling users to verify the integrity and completeness of stored data without trusting the server. The open-source nature of the client code further facilitates independent review and validation of these security measures.

Business and operational aspects

Following his PhD completion in 2006, Colin Percival transitioned to full-time entrepreneurial work on Tarsnap, which he founded in September of that year as a secure online backup service. By 2008, with the launch of its public beta, Tarsnap had begun generating revenue, achieving profitability in February 2009 and becoming Percival's primary income source, enabling him to purchase a home by 2020. Incorporated as Tarsnap Backup Inc. in British Columbia, Canada, in September 2011, the venture operates as a one-person business under Percival's sole direction. Tarsnap's commercial model emphasizes a pay-per-use structure, charging users solely for actual consumption without minimum fees or subscriptions. As of April 2025, pricing stands at $0.25 per GB-month for stored encoded data and $0.25 per GB for uploaded or downloaded encoded data, a reduction from prior rates of $0.30 per unit to enhance cost efficiency relative to competitors like Amazon S3 Glacier. This model prioritizes transparency and scalability, with costs computed in picodollars for precision, appealing to users seeking economical, paranoid-grade backups. Operationally, Tarsnap faces challenges in scaling its infrastructure on Amazon Web Services, where Percival maintains FreeBSD-based servers on EC2 instances to handle growing storage demands on S3. Data privacy is ensured through client-side encryption with user-controlled keys, minimizing legal risks under privacy laws by design—Percival cannot access user data, and the service's terms outline no data sharing obligations. Community support relies on Percival's direct email responses, supplemented by thorough documentation, though occasional outages, such as those in 2012 and 2023, highlight availability trade-offs against security priorities. Percival's contributions to cloud integration earned him recognition as an AWS Community Hero in June 2019, acknowledging his 15 years of FreeBSD development, including porting the OS to EC2, which underpins Tarsnap's reliability. As of November 2025, Tarsnap remains actively maintained, with the latest client release (version 1.0.41) issued in March 2025, featuring mitigations against chunking attacks, and ongoing infrastructure updates ensuring continued service evolution.

Personal life

Percival resides in the Vancouver area, British Columbia, Canada.

References

  1. [1]
    About - Tarsnap
    Dr. Colin Percival studied mathematics at Simon Fraser University, entering at age 13, before going on to a doctorate in Computing at Oxford University, where ...
  2. [2]
    [PDF] stronger key derivation via sequential memory-hard functions colin ...
    Source code for scrypt, including reference and optimized implementations in. C, and a demonstration file-encryption utility are available for download and use.
  3. [3]
    BSDCan2009: Colin Percival
    Percival is 27 years old and lives in Vancouver, Canada. He received his B.Sc. in Mathematics from Simon Fraser University in 2001 and his D.Phil. in Computer ...Missing: biography | Show results with:biography
  4. [4]
    [PDF] The Life of Pi - CARMA
    Feb 20, 2008 · In 1998 Colin Percival, a 17-year-old student at. Simon Fraser University, utilized 25 machines to calculate first the five trillionth ...
  5. [5]
    [PDF] Matching with Mismatches and Assorted Applications
    Colin Percival. Wadham College. University of Oxford. A thesis submitted for the degree of. Doctor of Philosophy. Hilary 2006. Page 2. To the Chemist, the ...
  6. [6]
    [PDF] Cache missing for fun and profit - daemonology.net
    CACHE MISSING FOR FUN AND PROFIT. 3 time taken for each memory access. Attempts to read pages which have been previously read by the Trojan process will ...
  7. [7]
    ColinPercival - FreeBSD Wiki
    Colin Percival. Email: <cperciva AT freebsd DOT org>. Security Officer Emeritus, FreeBSD/EC2 maintainer. Day job: http://www.tarsnap.com/.Missing: biography | Show results with:biography
  8. [8]
    Guiding the future of FreeBSD releases: Colin Percival, the new ...
    Mar 7, 2024 · Glen Barber, the Release Engineering Team Lead for FreeBSD, passed the leadership baton to Colin Percival, the former Deputy Release Engineering Team Lead.
  9. [9]
    Meet the Newest AWS Heroes! June 2019
    Jun 6, 2019 · Colin Percival – Vancouver, Canada. Community Hero Colin Percival is the founder of Tarsnap, a secure online backup service which combines the ...
  10. [10]
    On the Use of a Life - Hacker News
    Sep 20, 2020 · Colin Percival studied mathematics at Simon Fraser University, entering at age 13, before going on to a doctorate in Computing at Oxford ...<|control11|><|separator|>
  11. [11]
    1999 Putnam Competition Winners - Kiran S. Kedlaya
    Colin A. Percival, Simon Fraser University. The Next Eight Highest Ranking Individuals. Each receives an award of $1,000. John J. Clyde, Duke University.
  12. [12]
    Category:Colin Percival - Wikimedia Commons
    May 13, 2023 · Canada · Simon Fraser University (Bachelor of Science, mathematics, 1994–2000); University of Oxford (Doctor of Philosophy, computer science, ...
  13. [13]
    MATH 480W: Putnam Competition - Simon Fraser University
    SFU's best performance to date was in 1999, when Colin Percival was one of the six highest ranking individuals and the team of Arthur Kowalczyk, Tomasz ...
  14. [14]
    1998 Putnam Competition Winners - Kiran S. Kedlaya
    Colin A. Percival, Simon Fraser University. Alexander H. Saltman, Harvard University. Daniel A. Stronger, Harvard University. Liang Yang, Yale University. The ...
  15. [15]
    PiHex - Wikipedia
    PiHex was a distributed computing project organized by Colin Percival to calculate specific bits of π. 1,246 contributors used idle time slices on almost ...
  16. [16]
    [PDF] Some Background on Kanada's Recent Pi Calculation
    May 16, 2003 · The last listed computation was done by. Colin Percival, an undergraduate at Simon Fraser University, utilizing a worldwide network of over ...Missing: studies | Show results with:studies
  17. [17]
    Colin Percival - Uses This
    Jun 27, 2010 · I'm Colin Percival. I'm a FreeBSD developer since 2004, the FreeBSD Security Officer since 2005, and since 2006 I've been working on the Tarsnap ...Missing: scientist biography
  18. [18]
    New FreeBSD Security Officer
    New FreeBSD Security Officer ... I asked the FreeBSD Core Team to offer the security officer role to Colin Percival, and I am happy to say that they agreed ...Missing: appointed | Show results with:appointed
  19. [19]
    New FreeBSD Security Officer - daemonology.net
    May 21, 2012 · While I'll be remaining on the Security Team to offer opinions and advice about security issues, and I'll still be managing the FreeBSD Update ...<|control11|><|separator|>
  20. [20]
    5.2. Official Hats - FreeBSD Documentation Archive
    The Security Officer's main responsibility is to coordinate information exchange with others in the security community and in the FreeBSD project. The Security ...
  21. [21]
    Contributors to FreeBSD
    Aug 11, 2024 · To see the current Core Team members you can take a look at the administration page. ... Colin Percival <cperciva@FreeBSD.org> (2010 - 2012).
  22. [22]
    FreeBSD Project Administration and Management
    Jul 31, 2025 · This page lists teams, groups and individuals within the FreeBSD project with designated project roles and areas of responsibility.
  23. [23]
    Update to the Release Engineering Team Roster
    Nov 17, 2023 · ... role as the Release Engineering Team Lead. Colin Percival will take over this role, and I will act as his Deputy Lead unless and until he ...Missing: developer leadership
  24. [24]
    Charter for the Release Engineering Team | The FreeBSD Project
    Feb 21, 2021 · Setting and publishing the release schedule for Official Project releases of FreeBSD. · Documenting and formalizing the RE procedures, so that ...
  25. [25]
    BSDCan2018: Colin Percival
    Colin Percival has been a FreeBSD developer since 2004, and has served over the years as the project Security Officer, a Core Team member, and most recently as ...Missing: roles leadership Release Engineer
  26. [26]
    Organizers - BSDCan Conference
    This is the team currently running BSDCan. Coordinator, Chair and Whip Operator: Michael Lucas; Business Organization: Colin Percival, Allan Jude; In-Con ...
  27. [27]
    February 2024 - BSDCan Operations Team
    Feb 28, 2024 · Thanks to the efforts of Allan Jude and Colin Percival, BSDCan now has a new business organization and a bank account. Sponsor support is ...
  28. [28]
    Binary diff/patch utility - daemonology.net
    bsdiff and bspatch are tools for building and applying patches to binary files. By using suffix sorting (specifically, Larsson and Sadakane's qsufsort)
  29. [29]
    portsnap(8)
    ### Summary of portsnap(8)
  30. [30]
    FreeBSD on Amazon EC2 | AWS News Blog
    Dec 13, 2010 · Colin Percival (developer of Tarsnap) wrote to tell me that the FreeBSD operating system is now running on Amazon EC2 in experimental fashion.
  31. [31]
    [PDF] Cache missing for fun and profit - daemonology.net
    CACHE MISSING FOR FUN AND PROFIT. 3. If the two processes do not share any reference file, this approach will not work, but instead an opposite approach may ...
  32. [32]
    https://www.daemonology.net/papers/htt.pdf
  33. [33]
    RFC 7914 - The scrypt Password-Based Key Derivation Function
    [SCRYPT] Percival, C., "STRONGER KEY DERIVATION VIA SEQUENTIAL MEMORY ... Authors' Addresses Colin Percival Tarsnap Email: cperciva@tarsnap.com Simon ...
  34. [34]
    The scrypt key derivation function and encryption utility - Tarsnap
    The original conference paper: Colin Percival, Stronger Key Derivation via ... The scrypt key derivation function and the scrypt encryption utility are discussed ...
  35. [35]
    Tarsnap/scrypt: The scrypt key derivation function was ... - GitHub
    The original conference paper: Colin Percival, Stronger Key Derivation via ... The scrypt key derivation function and the scrypt encryption utility are discussed ...
  36. [36]
    Tarsnap - Online backups for the truly paranoid
    ### Summary of Tarsnap Development and Technical Features
  37. [37]
    [PDF] From bsdtar to tarsnap - Building an online backup service
    Sep 28, 2013 · Until October 2008, all libarchive development happened in the FreeBSD src tree. Colin Percival Tarsnap Backup Inc. cperciva@tarsnap.com. From ...<|control11|><|separator|>
  38. [38]
    Deduplication explanation - Tarsnap
    Tarsnap deduplicates your data by: Splitting it into chunks ("chunkification"). Only uploading chunks that haven't been uploaded before.Missing: features | Show results with:features
  39. [39]
    Cryptography - Tarsnap
    All the data which the Tarsnap client sends to the server to store is encrypted with per-archive random AES-256 keys; those keys are encrypted with this RSA key ...Missing: features | Show results with:features
  40. [40]
    Deduplication - Tarsnap
    that is, identifies and removes duplicate blocks of data — from the archives it stores.Missing: features encryption
  41. [41]
    On the use of a life - daemonology.net
    Sep 20, 2020 · Having recently received my doctorate from Oxford University and returned home to Canada, I was eligible for a post-doctoral fellowship from ...Missing: scientist biography
  42. [42]
    News - Tarsnap
    Mar 21, 2025 · Effective April 1st, Tarsnap's prices are now 250 picodollars per byte-month of storage and per byte of bandwidth ($0.25 / GB), down from the ...
  43. [43]
    Bringing FreeBSD to EC2 with Colin Percival - Last Week in AWS
    May 27, 2020 · Colin Percival is the founder of Tarsnap, a secure online backup service. He's also an AWS community hero. For the last 16 years, Colin has ...Missing: biography | Show results with:biography
  44. [44]
    Don't trust me: I might be a spook - daemonology.net
    Sep 10, 2013 · Fortunately, the first principle behind Tarsnap's design is that you should not need to trust me: Data is encrypted on individual client ...
  45. [45]
    Terms and Conditions - Tarsnap
    This is a legal agreement between the person registering for a Tarsnap account ("You" or "you") and Tarsnap Backup Inc. ("I" or "me").Missing: aspects | Show results with:aspects