Answer the question
In order to leave comments, you need to log in
How to provide transparent access to encrypted files without their complete decryption?
Hello!
I am writing a small Java application similar to TrueCrypt, it is a container with encrypted user files.
There is a problem with getting access to encrypted files. At the moment, I use the following approach:
1. When I connect the container, I completely decrypt all files into a regular folder.
2. I mount the folder as a disk.
3. I watch events in the folder with decrypted files using WatchService.
4. For example, when adding a new file, I encrypt it and save it to a container.
5. After disabling the container, I delete all decrypted files and disable the folder.
I would like to find a solution that would allow decrypting only those files that the user wants to use, for example, giving the user access only to the names of the files, and when the user wants to use the file, decrypt only one file.
The requirements are as follows: use only native explorer, that is, do not invent your own file manager, the solution must be cross-platform.
At the moment, there is an idea to implement the FTP or WebDAV protocol and mount them as a network drive.
Is there a simpler and more elegant solution?
Answer the question
In order to leave comments, you need to log in
At the moment, I use the following approach:
1. When I connect the container, I completely decrypt all files into a regular folder.
2. I mount the folder as a disk.
3. I watch events in the folder with decrypted files using WatchService.
4. For example, when adding a new file, I encrypt it and save it to a container.
5. After disabling the container, I delete all decrypted files and disable the folder.
Everything has already been described correctly in Maxim Kuznetsov
's answer
. I'll just add a link to my earlier answer: What program should I use to protect data on a USB flash drive on the fly? - I am sure that without administrator rights it is impossible to implement what you want with native programs. There are actually 2 solutions: either a connection at the device driver level (which requires administrator rights on the PC) or a hardware solution as described in the link.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question