jcnelson
commented
10 years ago Don't use convergent encryption. Just have one symmetric key, encrypted with the public keys of the authorized readers and writers.
Closed jcnelson closed 10 years ago
jcnelson
commented
10 years ago Don't use convergent encryption. Just have one symmetric key, encrypted with the public keys of the authorized readers and writers.
jcnelson
commented
10 years ago We will address this as a UG driver. It won't be a built-in feature.
Make it so user blocks will be encrypted, and the decryption key will be transmitted to only authorized users.
The challenge is to do this efficiently, so that (1) modifying a block doesn't require downloading the whole file and re-encrypting it, and (2) a set of authorized users can read the data, without creating a ciphertext for each user. One approach is convergent encryption (as used in FarSite).