Restic vs Borg vs Kopia Compared
I tested the three most popular open-source backup tools. Here is how they work under the hood and which one you should pick.
I’ve been running self-hosted backups for years. At some point, rsync and cron jobs stop cutting it. You want deduplication, encryption, and the ability to restore a specific snapshot from last Tuesday without digging through timestamped folders. That’s where Restic, BorgBackup, and Kopia come in.
All three are open-source, deduplicating backup tools with encryption. They all solve the same fundamental problem. But they solve it differently, and those differences matter when you’re choosing one to trust with your data.
I dug into each tool’s documentation, internals, and real-world benchmarks. This post is the result.
Why Not Dropbox, Google Drive, or iCloud?#
Let me get this out of the way first because people always ask.
Dropbox, Google Drive, iCloud, and similar services are file sync tools, not backup tools. They’re designed to keep a folder in sync across your devices. That sounds like a backup, but it’s not. If you accidentally delete a file, the deletion syncs too. If ransomware encrypts your files, the encrypted versions sync. Yes, some of these services offer version history, but typically only for 30 to 90 days, and usually only on paid plans.
There’s also the trust problem. Your data sits on someone else’s servers, unencrypted (or encrypted with keys they control). Dropbox has had security breaches. Google mines your data for ad targeting. Apple’s iCloud encryption story has improved, but for years your backups were accessible to Apple and, by extension, law enforcement. You’re trusting a corporation to not lose your data, not peek at it, not change their terms of service, and not raise prices after you’re locked in.
Then there’s the cost. Backing up 2 TB to Dropbox costs 1/month, and you control the encryption keys. Over five years, that’s 60. The math speaks for itself.
Hosted backup services like Backblaze Personal or CrashPlan solve some of these problems but introduce others. They require proprietary clients. You can’t verify what their software actually does. Restores are often painfully slow or throttled. And if the company goes under (remember CrashPlan dropping their consumer plan in 2017?), you’re scrambling.
With tools like Restic, Borg, and Kopia, you own the entire pipeline. You choose where data is stored. You hold the encryption keys. You can switch storage providers without changing your backup tool. You can verify the source code. Your backup is not a product someone can discontinue.
The Core Idea: Content-Defined Chunking#
Before comparing the tools, you need to understand the technique they all share: content-defined chunking (CDC).
Traditional backup tools split files into fixed-size blocks (say, every 4 MB). The problem? If you insert a single byte at the beginning of a file, every block shifts, and the tool thinks the entire file changed. You end up re-uploading everything.
CDC is smarter. Instead of cutting at fixed byte offsets, it uses a rolling hash, a small sliding window that scans through your file’s bytes and says “cut here” when the hash value matches a certain pattern. Because the cut points are determined by the content itself, inserting bytes at the start only affects the first chunk. Every chunk after the insertion point lands on the same boundaries as before.
Here’s a concrete example. Say you have a 4 MB file that CDC splits into four chunks:
[Chunk A: 0 to 1.1MB] [Chunk B: 1.1 to 2.0MB] [Chunk C: 2.0 to 3.2MB] [Chunk D: 3.2 to 4.0MB]Now you insert 20 bytes at the very beginning. With CDC, the result looks like:
[Chunk A': 0 to 1.1MB] [Chunk B: 1.1 to 2.0MB] [Chunk C: 2.0 to 3.2MB] [Chunk D: 3.2 to 4.0MB]Only Chunk A' changed. Chunks B, C, and D are identical. Their SHA-256 hashes match what’s already in the repository, so they don’t get re-uploaded. This is how all three tools achieve deduplication across files and across backups.
Where they differ is in the specific hashing algorithm they use.
Restic uses Rabin fingerprints, a polynomial-based rolling hash with a 64-byte sliding window. It randomly selects an irreducible polynomial at repository init time and stores it in the config, making it harder for an attacker to guess chunk boundaries. Chunk sizes range from 512 KB to 8 MB, targeting 1 MB on average.
Borg uses the Buzhash algorithm, a cyclic polynomial hash that’s fast and has good distribution properties. Borg XORs the buzhash table with a random seed stored encrypted in the keyfile, also to prevent chunk-size fingerprinting attacks.
Kopia uses a similar content-defined approach but adds a twist: it lets you configure the chunking algorithm and parameters per-policy. You can tune min/max chunk sizes, and it supports a splitter based on the Buzhash family as well. It’s the most configurable of the three.
In practice, all three achieve similar deduplication ratios for most workloads, typically 60 to 85% depending on how much your data changes between backups.
How Each Tool Actually Works#
Restic#
Restic is written in Go and ships as a single static binary. No dependencies, no runtime, no Python. Just drop it on your machine and run it.
When you run restic backup, it scans your source directory, splits each file into variable-length chunks using CDC, hashes each chunk with SHA-256, encrypts the chunk, and uploads it to the repository. Only new chunks get uploaded.
# Initialize a repository
restic init --repo /mnt/backup/restic-repo
# Create a backup
restic backup --repo /mnt/backup/restic-repo ~/documents
# List snapshots
restic snapshots --repo /mnt/backup/restic-repo
# Restore a specific snapshot
restic restore abc123 --repo /mnt/backup/restic-repo --target ~/restoreRestic’s repository structure is straightforward: encrypted chunks are packed into “pack files” stored in a data/ directory. An index maps chunk hashes to their location inside pack files. Snapshots are JSON objects referencing a tree of content hashes. Everything is encrypted with AES-256-CTR and authenticated with Poly1305.
The thing that sets Restic apart is backend support. It natively speaks S3, Backblaze B2, Azure Blob, Google Cloud Storage, SFTP, and anything rclone supports. You don’t need adapters or wrappers. You point it at a bucket and it works.
BorgBackup#
Borg is written in Python with performance-critical parts in C/Cython. It’s been around the longest of the three and has the most battle-tested codebase.
# Initialize a repository
borg init --encryption=repokey /mnt/backup/borg-repo
# Create a backup
borg create /mnt/backup/borg-repo::monday-backup ~/documents
# List archives
borg list /mnt/backup/borg-repo
# Restore
borg extract /mnt/backup/borg-repo::monday-backup
# Mount as a filesystem and browse
borg mount /mnt/backup/borg-repo::monday-backup /mnt/borg-mountBorg’s architecture stores data in a repository with a segment-based storage model. Each chunk is encrypted using AES-256-CTR with HMAC-SHA-256 for authentication (or BLAKE2b in newer modes). Keys are derived from your passphrase using PBKDF2-HMAC-SHA256 with 100,000 iterations and a random 256-bit salt.
One unique feature: Borg can mount any backup as a FUSE filesystem. You can literally cd into last Tuesday’s backup and browse it with your file manager. Very handy for “I just need that one file” situations.
Borg also supports multiple compression algorithms. You can use lz4 for speed, zstd for a good balance, zlib for compatibility, or lzma for maximum compression. You pick what matters more for your use case.
The main limitation is storage. Borg only works with local filesystems and SSH. No native cloud storage support. If you want to back up to S3, you need rclone or a FUSE mount as a workaround, which adds complexity and fragility. This is the biggest reason people look at alternatives.
Kopia#
Kopia is the newest of the three, also written in Go. It was designed from the ground up for cloud-native workflows.
# Connect to a repository (creates if needed)
kopia repository create filesystem --path /mnt/backup/kopia-repo
# Or connect to S3
kopia repository create s3 --bucket my-backups --region us-east-1
# Create a snapshot
kopia snapshot create ~/documents
# List snapshots
kopia snapshot list
# Restore
kopia restore <snapshot-id> ~/restoreKopia introduces the concept of policies, per-directory rules for compression, scheduling, retention, and even ignore patterns. You set them once and they apply consistently, whether you’re using the CLI or the GUI.
# Set a global retention policy
kopia policy set --global --keep-daily 7 --keep-weekly 4 --keep-monthly 6
# Set a specific policy for a path
kopia policy set ~/documents --compression=zstdEncryption uses AES-256-GCM or ChaCha20-Poly1305 (your choice). Kopia also supports running as a server with multi-user access control: users get individual accounts with their own access credentials, making it feasible for backing up multiple machines to a shared repository without giving everyone access to everyone else’s data.
The built-in web GUI (start it with kopia server start) offers the same functionality as the CLI. Unlike Borg’s third-party Vorta or Restic’s community browser tools, Kopia’s GUI is maintained by the same team and stays in sync with the CLI. That matters for long-term reliability.
Where Kopia really shines is cloud storage. Its parallel chunk upload pipeline is optimized for high-latency connections, and it has native support for S3, B2, Azure, GCS, and more.
Side by Side Comparison#
Here’s what I found across benchmarks, documentation, and my own testing:
| Restic | Borg | Kopia | |
|---|---|---|---|
| Language | Go | Python + C/Cython | Go |
| Binary | Single static binary | Requires Python runtime | Single static binary |
| Chunking | Rabin fingerprint | Buzhash | Buzhash (configurable) |
| Encryption | AES-256-CTR + Poly1305 | AES-256-CTR + HMAC-SHA256 | AES-256-GCM or ChaCha20 |
| Cloud storage | Native S3, B2, Azure, GCS | SSH only (rclone for cloud) | Native S3, B2, Azure, GCS |
| Compression | None built-in | lz4, zstd, zlib, lzma | gzip, zstd, s2, pgzip |
| GUI | Third-party (Restic Browser) | Third-party (Vorta) | Built-in web UI |
| FUSE mount | Yes | Yes | Yes |
| Multi-client | REST server (basic auth) | SSH-based (complex) | Built-in server with ACL |
| Backup speed (local) | ~120 to 160 MB/s | ~180 to 220 MB/s | ~100 to 140 MB/s |
| Restore speed | ~140 to 180 MB/s | ~160 to 200 MB/s | ~200 to 250 MB/s |
| Memory usage | ~100 to 200 MB | ~50 to 150 MB | ~200 to 400 MB |
| License | BSD-2 | BSD-3 | Apache 2.0 |
A few things stand out. Borg is the fastest at local/SSH backups and the most memory-efficient, but it’s the most limited in where you can store data. Restic has the broadest ecosystem and the most storage options. Kopia is the most feature-rich on the management side, with policies, a built-in GUI, and proper multi-user support.
On deduplication, all three perform similarly for typical workloads. In community benchmarks, deduplication efficiency for large files (128 MB+) is nearly identical across all three, hovering around 95 to 99%. The differences appear mostly with small files and specific patterns.
Encryption Explained Simply#
All three tools encrypt your data before it leaves your machine. This is critical: it means you can back up to an untrusted server (your cloud provider, a friend’s NAS, a rented storage box) without worrying about someone reading your files.
The basic flow is the same everywhere. You set a passphrase when creating the repository. The tool derives an encryption key from your passphrase using a key derivation function (KDF) like PBKDF2 or scrypt. This intentionally slow step makes brute-forcing your passphrase expensive. Your data chunks are then encrypted with the derived key using a symmetric cipher (AES-256 in all three tools). Finally, a MAC (message authentication code) is calculated and stored alongside each chunk. When you restore, the tool checks the MAC to verify nothing was tampered with.
Think of it like this: your passphrase is the combination to a safe. The KDF turns that combination into a key that’s the right shape for the lock (the encryption algorithm). The MAC is a tamper-evident seal. If someone modifies even one bit of your backup, the seal breaks and the tool refuses to use it.
Real-World Recommendations#
Pick Restic if you want maximum flexibility on where backups live. You have a mix of local NAS, S3, and Backblaze B2. You want one tool that works everywhere without fussing. You value simplicity over advanced features. Restic is also the safest choice if you’re not sure what you need yet. It’ll adapt.
Pick Borg if your backup target is a Linux server you access over SSH. You want the fastest possible backup/restore over a local network. You don’t need cloud storage. Pair it with Borgmatic for a clean YAML-based configuration and scheduling, and you get a rock-solid setup:
# borgmatic config.yaml
repositories:
- path: ssh://backup@nas.local/~/borg-repo
source_directories:
- /home/me/documents
- /home/me/projects
retention:
keep_daily: 7
keep_weekly: 4
keep_monthly: 6
compression: zstd,3
encryption_passphrase: "${BORG_PASSPHRASE}"Pick Kopia if you want a modern, self-contained solution with a built-in GUI and multi-user support. You’re backing up to cloud storage and want optimized parallel uploads. You want fine-grained policies without writing shell scripts. Kopia is also the best choice if you’re managing backups for a small team or family. Its server mode with per-user access control makes this straightforward.
What I Actually Use#
I run Borg + Borgmatic for my primary backups to a home server over SSH. It’s fast, reliable, and I’ve never had a failed restore. For off-site copies, I use Restic pointed at a Backblaze B2 bucket. The native S3-compatible backend support makes this painless.
Honestly, all three are good tools. The “wrong” choice is not backing up at all. Pick whichever one clicks with your setup, automate it, and test your restores regularly. The best backup tool is the one you actually run.