Encryption
Oscar Telmanov, 2016-11-28 11:27:58

How to encrypt the user's files in the application with the ability to decrypt so that none of the application developers can decrypt them?

Colleagues, the approach itself, not the implementation, is of interest.
For example, I have a user whose data is almost classified as confidential; how to make it so that no one can decrypt it except the user? How to protect data from those who work on the application: developers, system administrators, everyone who has access to file storage?
P.S. There was an idea to put the files in a certain container, which is encrypted with a hash from the password + salt, but this does not work: the programmer can take the hash and decrypt them.

5 answer(s)
Andrew, 2016-11-28
@Oskar87

And what exactly is your application supposed to do with this data?
If you are simply transferring, storing, organizing containers without understanding their essence, you will be able to operate encrypted containers, for example, using a non-retrievable key stored on a USB key fob.
But if the program being developed must understand the semantics of the data, i.e. process them in the full sense of the word, then what kind of protection can we talk about? The developer always has the opportunity to add a bookmark to the code that copies the data at the moment when they are decrypted. Cryptographers devote a lot of time to solving this problem, the so-called homomorphic encryption. But the results are still far from applicable in practice.

CityCat4, 2016-11-28
@CityCat4

There is always an end point.
For example, e-mail with certificates - each user has a certificate, it is regularly updated, forced encryption when sending ... Yes, mail is stored in encrypted form - neither admins nor anyone else will read it, but
- it can be read by the person who generates and issues certificates
- it can be copied while the application is running using undocumented features (and this is exactly how it is done)
So, if the application somehow operates with data, it will have to see them in decrypted form, otherwise it will not be able to work. And if it can see them, it can copy them :)

GavriKos, 2016-11-28
@GavriKos

Any encryption with a key + key is only for the user and decryption also occurs on the user's side.
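
An added example, not part of the thread or of any poster's code: a Node.js sketch of the arrangement this answer describes, where the key is derived from the password on the user's device and the server stores only salt, nonce, tag and ciphertext, so there is no stored hash to take as in the question's P.S. The function names, the record layout and the scrypt parameters are assumptions made for illustration; it does not address the point raised in the earlier answers that client code which sees the plaintext can copy it.

```javascript
// Added example: client-side encryption where the server never holds the key.
// Everything here runs on the user's device; names and layout are hypothetical.
const crypto = require('node:crypto');

// Assumed cost parameters; tune them for the slowest device you support.
const SCRYPT_PARAMS = { N: 2 ** 14, r: 8, p: 1 };

// Derive a 256-bit key from the password. The key is never stored or sent;
// it exists only in memory on the client while a file is being processed.
function deriveKey(password, salt) {
  return crypto.scryptSync(password, salt, 32, SCRYPT_PARAMS);
}

// Returns the only object that is uploaded. It holds no key and no password
// hash, so access to the file storage yields nothing that decrypts the data.
function encryptForUpload(password, plaintext, fileId) {
  const salt = crypto.randomBytes(16);   // fresh per file
  const nonce = crypto.randomBytes(12);  // fresh per encryption
  const key = deriveKey(password, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(fileId));    // binds the ciphertext to its record
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { fileId, salt, nonce, tag: cipher.getAuthTag(), ciphertext };
}

// Runs on the client after download. Returns null when the password is wrong
// or the stored record was modified or swapped with another file's record.
function decryptAfterDownload(password, record) {
  const key = deriveKey(password, record.salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, record.nonce);
  decipher.setAAD(Buffer.from(record.fileId));
  decipher.setAuthTag(record.tag);
  try {
    return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]);
  } catch {
    return null;
  }
}
```

Because the key depends only on the password, a forgotten password means the files are unrecoverable, and the password itself must never be sent to the server in a form that allows the key to be rebuilt there.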

xmoonlight, 2016-11-28
@xmoonlight

Data encapsulation in crypt packages.
Where you will decipher them later and how exactly is up to you.
Data exchange between users can be done through asymmetric encryption (PGP), i.e. users exchange keys themselves OUTSIDE the application.
Then without keys - there will be only a crypt-container and that's it.

Oscar Telmanov, 2016-11-28
@Oskar87

In particular, these can be photos, videos, audio files - which the user can watch at any time. Yes, you are right, I come to the conclusion that with such a condition as mine, files cannot be protected.
There is an option to keep the key database on a separate server, and only an application under a certain user whose credentials are encrypted can go there. But this is more of an org. option and again will not protect against a MITM attack.
