You are not logged in.

#1 2015-07-31 22:23:42

JayDoe
Member
Registered: 2014-09-20
Posts: 27

Multi-User File Encryption over Network

Hi all,
I'm looking for a method, to encrypt files on a server with the possibility to add and remove keys to give multiple user access to the files. It should be possible to change the privileges later on.
I want to have the files encrypted on the server. The users can download the file from the server and decrypt it locally on the user pc. Do you know about a nice, working solution? A C/C++ API for the encryption tool would be also nice.

Thank you in advance,
JayDoe

Offline

#2 2015-08-01 08:24:16

dice
Member
From: Germany
Registered: 2014-02-10
Posts: 413

Re: Multi-User File Encryption over Network

In which kind of environment do you want to use this (e.g. family, company, etc.)?
Would using gpg with a symmetrical encryption and the key known to each user be feasible for your scenario?


I put at button on it. Yes. I wish to press it, but I'm not sure what will happen if I do.  (Gune | Titan A.E.)

Offline

#3 2015-08-01 21:46:39

JayDoe
Member
Registered: 2014-09-20
Posts: 27

Re: Multi-User File Encryption over Network

Thanks for you reply. I want this to use in my company to securely store files. I know, I can control the access to the files in many different ways, but if there's a possibility to (additionally) supervise the access by encryption, I would prefer that. Unfortunately, having the same key for every user is not feasible.

I also searched for it for a while and couldn't find something suitable, but as LUKS supports something like this (multiple keys for a single device with possibility to revoke/add keys), I'm still hoping to find something similar for file based encryption.

Offline

#4 2015-08-02 08:22:51

dice
Member
From: Germany
Registered: 2014-02-10
Posts: 413

Re: Multi-User File Encryption over Network

Actually gpg supports encrypting files for multiple recipients by simply specifying multiple of them.
For example:

gpg -e  --recipient foo@bar.com --recipient bar@foo.com --output test.doc.gpg test.doc

You need one gpg key for each of your users and it should work.


I put at button on it. Yes. I wish to press it, but I'm not sure what will happen if I do.  (Gune | Titan A.E.)

Offline

#5 2015-08-02 09:48:34

JayDoe
Member
Registered: 2014-09-20
Posts: 27

Re: Multi-User File Encryption over Network

Yes I know, but the recipients are fixed, I can't add/revoke them after the file was encrypted. That's so pity, because otherwise gpg would be the perfect solution.
But I found a workaround, which will maybe work for me: https://unix.stackexchange.com/question … t-a-normal

Offline

#6 2015-08-02 22:46:58

dice
Member
From: Germany
Registered: 2014-02-10
Posts: 413

Re: Multi-User File Encryption over Network

Couldn't you just re-encrypt the file with the new recipients? It would be quite some encryption overhead...how big are those files?


I put at button on it. Yes. I wish to press it, but I'm not sure what will happen if I do.  (Gune | Titan A.E.)

Offline

#7 2015-08-03 06:28:41

JayDoe
Member
Registered: 2014-09-20
Posts: 27

Re: Multi-User File Encryption over Network

It differs very much, but mostly below 10 MB. But many files... Maybe I will just make an own encryption for every folder.

Offline

Board footer

Powered by FluxBB