-3

I want to develop a website which will take the files from my computer encrypt it with my key and upload it on cloud which is only for storage purpose and decrypt it after downloading it on my computer. For this which cryptographic algorithm should i use which are available in any crypto libraries.

nitin desai
  • 11
  • Will you be uploading this from the client side or from the web server? Where does a website fit in this scenario (you can upload/download directly from your computer)? What do you care about that influences the choice of algorithm? – Jedi Jul 20 '16 at 02:50
  • File uploading will be from client side....Website hoisted on a server will use a different cloud for storing files uploaded by client..i want to encrypt those files on client side before uploading and decrypt them after downlading from cloud – nitin desai Jul 20 '16 at 02:56
  • If you only need to use online storage, you could combine ZIP with GnuPGP like here: http://security.stackexchange.com/a/126353/99028 – hamena314 Jul 20 '16 at 10:06
  • As @Josef says in his answer below, unless you can clarify exactly what you need, this is a poor question.. – Jedi Jul 20 '16 at 10:44

4 Answers4

2

What you need to do is encrypt the file(s) before uploading it to the cloud provider, and decrypt them on download.

Assumptions

  • You do not want to cloud provider to by able to read (decrypt) these files.
  • You would like something simple to implement

Do This

Use a symmetric algorithm to encrypt the files. The most common secure algorthm is AES

There are many implementations, see AES Implementations

An example is using 7-zip to encrypt the file(s) using AES, then upload them to the cloud server. This is considered secure and should hold up against all adversaries assuming you pick good settings (key length, etc.)

Want Perfect Security?

If you really want to make sure know one could ever see these files you could encrypt them with a One Time Pad, which would make the files mathematically unbreakable ever*, but would give you a key the same size as the files. Not practical normally.

*assuming random key generation

Aaron
  • 218
  • 1
  • 2
  • 9
  • 1
    @nitindesai If the answer helped you would you mind accepting it (the green check next to vote) – Aaron Mar 27 '17 at 19:32
0

Your need is just for storing the file in the cloud and assuming that the key will always be with you and only you.

Here is the list of algorithms that you can use:

  1. Triple DES
  2. RSA
  3. Blowfish
  4. Twofish
  5. AES

You can encrypt with anyone of these and upload them to cloud and for decryption, you will only be having the key.

Anders
  • 64,406
  • 24
  • 178
  • 215
Shaswat
  • 59
  • 3
  • 1
    Downvoted because some of these algorithms should *not* be used. The question wasn't just about commonly available algorithms, but which algorithms to use. – Xander Jul 20 '16 at 14:50
  • @Xander maybe pointing out which ones should NOT be used ends up being more usefull than a simple downvote. – YoMismo Jul 20 '16 at 15:17
  • @YoMismo All of the options listed (for various reasons) except for AES. There are a few other reasonable choices, but none listed here. – Xander Jul 20 '16 at 15:20
  • I'd recommend [AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) – Aaron Jul 20 '16 at 17:52
-1

The one that fulfills your requirements.

  • If you just want to upload and download it, don't encrypt it.

  • If you want to encrypt it because encryption sounds so cool, just XOR it with 01010101b.

  • If you want to encrypt it to be secure, define what secure means for you.

    • Do you want to prevent the cloud provider from automatically analyzing your file?
    • Do you want to prevent the cloud provider from decrypting your file now?
    • Do you want to prevent the cloud provider from decrypting the files in 1/10/100 years?
    • Do you want to prevent powerful governments (e.g. NSA) to decrypt your file now/in 1/10/100 years?
    • ...

  • How much CPU resources can you use for encryption?

  • Does the hardware you use has support for some encryption like AES-NI?
  • Are there legal/regulatory rules you have to comply with?
  • ...

With the little information you gave, no one can properly answer that question.

If you don't really care, download this report and just pick one cipher at random from page 23 or 27

Josef
  • 5,903
  • 25
  • 33
  • My guess is that it wouldn't be so hard to provide algorithms to answer each option you show. But yes it would be very helpful if the OP would provide more info – Aaron Jul 20 '16 at 13:36
  • There is not one algorithm per option I show. You have to consider **all** your requirements and find a algorithm/solution that fulfills them. But feel free to come up with an example for each. – Josef Jul 20 '16 at 14:19
  • Almost none of these are the right questions for symmetric encryption. – Xander Jul 20 '16 at 15:03
  • If that is your opinion, please post the questions which are relevant – Josef Jul 20 '16 at 16:56
  • @Josef Unless the person answering the questions is an actual cryptographic architect who *can* answer them knowledgeably, there aren't many. It's more about what can you use that offers the lowest potential for failure. – Xander Jul 20 '16 at 17:25
  • @Josef The only one on your list that was a good question for general purpose use as the OP described is the last one...Are you constrained by legal or regulatory rules. If you need to be FIPS complaint, for instance, that will certainly inform your choice. For the scenario the OP described however, all the rest are irrelevant. – Xander Jul 20 '16 at 17:28
-1

AES is available in any crypto library. Use AES. Or better than that, use a blackbox library like NaCl or libsodium with the defaults, which was designed by a top-notch cryptographer, meaning you don't have to worry about screwing up the implementation which you are indeed quite likely to do if you try and implement this yourself.

Xander
  • 35,525
  • 27
  • 113
  • 141