K
K
kAIST2011-01-03 17:29:14
Encryption
kAIST, 2011-01-03 17:29:14

Data encryption in the program

It was necessary to fasten encryption to the program. I read a little on this topic.
As far as I understand, private key encryption is suitable. The user's password will be the private key that will be used to decrypt the data. I liked this because with this approach, you do not need to store a password.
But there was a problem: there are several users, respectively, the passwords are different, and access is needed to shared data.
What can be done in this case?

Answer the question

In order to leave comments, you need to log in

4 answer(s)
O
olololog, 2011-01-03
@kAIST

Encrypt data using a single key, and encrypt the key for each user with his password. Thus, each password opens access to encrypted data and the compromise of one password does not affect the rest of the _passwords_. However, encrypted data can be compromised with any of the passwords.

D
Disasm, 2011-01-03
@Disasm

Separate data into public and private. The key to the general data is stored in the private data of each user, and the key to the private data is generated based on the user's password.

C
codecity, 2011-01-03
@codecity

>>The user's password will be the private key that will be used to decrypt the data.
Clarification.
Private key is an asymmetric cryptography term. The password cannot be a private key. There are 2 main algorithms for asymmetric cryptography: RSA and DSA (DSA is for elliptic curves, ECDSA). None of them can use a password as a private key.
Although ... I just now had a grandiose idea - to generate p and q (the same all the time) from a password - then you do not need to store the private key. Went thinking about this...

A
agul, 2011-01-03
@agul

Is it possible to store all passwords in one place (databases, for example)?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question