    Tuesday, November 20, 2018

    Cryptography Separating encryption metadata and the actual encrypted file


    Separating encryption metadata and the actual encrypted file

    Posted: 19 Nov 2018 11:27 AM PST

    Hello!

    I'm currently wondering about implementing some sort of cloud storage with client-side encryption with the ability to easily share encrypted files (for a side-project). Based on my research, I'm planning to implement the encryption with a PGP-like scheme. For each file encrypted, generate a random symmetric key and encrypt this key with the public key of the user.

    Now, the problem: I would like to add the possibility to share an already encrypted file with other users. The idea would be: decrypt the symmetric key with the private key of one of the file owners (the one who wants to share the file), then encrypt the symmetric key with the public key of the other users.

    Unfortunately, OpenPGP doesn't allow this kind of update as it would require rewriting the file, since the encryption metadata and the encrypted file are the same file. This led to my question: is storing the metadata and the encrypted files in different files a bad practice in security (knowing that my software is the only one modifying and accessing the data)? Are there any good practices when separating metadata and encrypted files?

    Thanks a lot!

    PS: I'm not a crypto or cybersec expert, just a software engineer interested in the field.

    submitted by /u/charlesvdv
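
The sharing flow described in the post, as an added example that is not part of the original post: the per-file key is wrapped once per user in a record kept apart from the ciphertext, and sharing only adds an entry to that record. The `Meta` type, the function names, the user names and the file ID are assumptions made for the illustration; encrypting the file body with the returned key is left out, and using the file ID as the RSA-OAEP label is one way to tie a record to its file.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

var rng = rand.Reader // randomness for key generation and OAEP padding
// Meta is the detached record, stored beside the ciphertext rather than in it.
type Meta struct {
	FileID  string            // also the OAEP label, binding each entry to this file
	Wrapped map[string][]byte // user name -> RSA-OAEP(file key)
}

// NewMeta draws a random 256-bit file key and wraps it for the owner.
func NewMeta(id, owner string, pub *rsa.PublicKey) (*Meta, []byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, nil, err
	}
	w, err := rsa.EncryptOAEP(sha256.New(), rng, pub, key, []byte(id))
	return &Meta{id, map[string][]byte{owner: w}}, key, err
}

// Unwrap recovers the file key from user's entry using user's private key.
func (m *Meta) Unwrap(user string, priv *rsa.PrivateKey) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, m.Wrapped[user], []byte(m.FileID))
}

// Share adds an entry for another user; the ciphertext file is never touched.
func (m *Meta) Share(from string, priv *rsa.PrivateKey, to string, pub *rsa.PublicKey) error {
	key, err := m.Unwrap(from, priv)
	if err != nil {
		return fmt.Errorf("unwrap for %q: %w", from, err)
	}
	w, err := rsa.EncryptOAEP(sha256.New(), rng, pub, key, []byte(m.FileID))
	if err == nil {
		m.Wrapped[to] = w
	}
	return err
}

func main() { // constructed demo: throwaway key pairs and a made-up file ID
	alice, _ := rsa.GenerateKey(rng, 2048)
	bob, _ := rsa.GenerateKey(rng, 2048)
	m, _, _ := NewMeta("file-1", "alice", &alice.PublicKey)
	fmt.Println("share error:", m.Share("alice", alice, "bob", &bob.PublicKey))
}
```

The OAEP label only ties each wrapped key to a file ID; the record itself still needs integrity protection (for example a signature or MAC over it) if the storage provider is not trusted.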