Open GoogleCodeExporter opened 9 years ago
Original comment by pogoersc...@gmail.com
on 4 Apr 2011 at 9:45
To take care of this threat, 2 things need to be done. One is that every group
needs a list of group shared keys. Second, when a file is stored, it is stored
with the most current group key. If a new user is removed or added, a new group
key would need to be created and stored on the group server for the appropriate
group. A checksum would be used with every file to keep track of what key was
used with which file's encryption.
Original comment by pogoersc...@gmail.com
on 5 Apr 2011 at 5:44
- GS must create a unique shared key for a group
  - when group is created, shared key is generated.
  - GroupList.java, in Group class
    - add class member for group shared key
    - add function generateGroupSharedKey(groupName) to create a key
    - add class member for group keychain
    - add function addKeyToKeychain(groupSharedKey)
  - GroupList.java, in addGroup(groupName, creator)
    - add call to Group::generateGroupSharedKey(groupName)
    - create a new
    - add call to Group::addGroupSharedKeyToKeychain
- GS must manage keychain for groups
  - make sure to only deliver the keychain if the user is in group (obvi)
  - deliver keychain to user, maybe in or after AUTHENTICATE
- client must upload properly
  - client must always use the most recent group key before uploading to FS
    - this can be done by passing the latest key from the keychain to FileClient::upload
    - using block cipher crypto such as DESede which is an algorithm provided by BC, new functions can be added to MyCrypto to allow for block cipher encryption and decryption of large files using a shared key
  - client must generate a checksum to identify the key and file details
    - append to ciphertext of encrypted file?
    - checksum can be as simple as md5
    - what's the best way to identify the key?
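One way to handle the key-identification question raised in the comment above, as an added example that is not part of the original comment or the project's code: each encrypted file carries the keychain index of the key that encrypted it, authenticated as associated data. It uses AES-GCM from the JDK in place of the DESede and MD5 mentioned above, and the class and method names are hypothetical.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.*;

public class GroupKeychainDemo { // hypothetical class, not from the project
    static final List<SecretKey> keychain = new ArrayList<>(); // list index = key version
    static final SecureRandom rng = new SecureRandom();
    // Run when the group is created and on every membership change.
    static void rotate() throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128, rng);
        keychain.add(kg.generateKey());
    }
    // Output layout: [4-byte key version][12-byte IV][ciphertext + 16-byte GCM tag]
    static byte[] encrypt(byte[] plain) throws Exception {
        int version = keychain.size() - 1; // uploads always use the newest key
        byte[] header = ByteBuffer.allocate(4).putInt(version).array();
        byte[] iv = new byte[12];
        rng.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, keychain.get(version), new GCMParameterSpec(128, iv));
        c.updateAAD(header); // a modified version field fails the tag check
        byte[] ct = c.doFinal(plain);
        return ByteBuffer.allocate(16 + ct.length).put(header).put(iv).put(ct).array();
    }
    static byte[] decrypt(byte[] blob) throws Exception {
        ByteBuffer in = ByteBuffer.wrap(blob);
        int version = in.getInt();
        if (version < 0 || version >= keychain.size())
            throw new IllegalArgumentException("unknown key version " + version);
        byte[] iv = new byte[12];
        in.get(iv);
        byte[] ct = new byte[in.remaining()];
        in.get(ct);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, keychain.get(version), new GCMParameterSpec(128, iv));
        c.updateAAD(Arrays.copyOf(blob, 4));
        return c.doFinal(ct); // throws AEADBadTagException on any tampering
    }
    public static void main(String[] args) throws Exception {
        rotate(); // group created: key version 0
        byte[] oldFile = encrypt("before".getBytes()); // constructed sample data
        rotate(); // member removed: key version 1
        byte[] newFile = encrypt("after".getBytes());
        for (byte[] f : new byte[][] {oldFile, newFile})
            System.out.println("v" + ByteBuffer.wrap(f).getInt() + ": " + new String(decrypt(f)));
    }
}
```

Files written before a rotation stay under their old key until they are re-encrypted, which is why the keychain keeps every version.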
Original comment by christop...@gmail.com
on 7 Apr 2011 at 10:10
Original comment by christop...@gmail.com
on 8 Apr 2011 at 12:43
Original issue reported on code.google.com by
pogoersc...@gmail.com
on 4 Apr 2011 at 9:45