0

I want to share a big file(All existing formats) with others. As I'm using Android phones as client/server I want to reduces the CPU overhead and Time it takes to encrypt/decrypt.

My idea is to use a method like partial encryption.

Is there a safe way to do so without huge overhead ?

M at
  • 165
  • 7
  • Well I'm working on an android file sharing for big files. I wanted to minimize CPU usage so I thought there may be a way. for example encrypting even chunks can work I guess. – M at Oct 05 '17 at 15:52
  • 3
    Even most smartphones have AES in hardware so the computational overhead of doing it right is not that bad. – Tobi Nary Oct 05 '17 at 16:03
  • Look at this article https://stackoverflow.com/questions/3045520/aes-acceleration-for-java . It's not an easy way also not widely supported. – M at Oct 05 '17 at 16:11
  • 2
    @MahdiRafatjah: if you want to do file sharing over a network the speed of encryption might even exceed the speed of your network (at least with typical wifi), i.e. the bottleneck for sharing is the network and not the encryption. So I would not worry about performance at this part too much. – Steffen Ullrich Oct 05 '17 at 16:12
  • That's a good point. I should probably make an implementation so I can decide. Can you suggest me what to do with my question ?? should I remove it? if not what should I do ? – M at Oct 05 '17 at 16:15
  • 1
    Apart from that there are faster ciphers than AES if you don't have hardware acceleration, for example ChaCha20 – Steffen Ullrich Oct 05 '17 at 16:15
  • 1
    The comments suggest that you've asked the question the wrong way, i.e. you did not ask how to optimally share big files but you've focused already on your specific idea to do it, i.e. not fully encrypting it. I would suggest that you either remove your question or change it to focus on the problem of sharing big files and not your particular idea of a solution of encrypting only parts of it. – Steffen Ullrich Oct 05 '17 at 16:18
  • Why is simply using SSL during transfer not an option? – Rob Rose Oct 05 '17 at 17:21
  • @RobRose The most important part for me is the client side. I want to give the access key after downloading the file. as nodes are not stable I thought the best way to make sure people are getting the data then paying for it. – M at Oct 05 '17 at 17:25
  • @MahdiRafatjah Well breaking the file into chunks and encrypting each one separately is going to take longer to decrypt/encrypt than decrypting/encrypting as a whole would take. See: https://security.stackexchange.com/a/5331/160331 – Rob Rose Oct 06 '17 at 00:33

1 Answers1

1

Partial encryption is not a good idea in general since depending on the file type even clear text fragments can be used to extract sensitive information. Thus the best way is to do full encryption, but in a cheap way.

Depending on the CPU there might be hardware based AES available in which case this is the best option, both in terms of performance and battery usage. If no hardware based AES is available a fast software based algorithm like ChaCha20 is recommended. See also Do the ChaCha: better mobile performance with cryptography.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
  • For files like movies would partial encryption works (as it ruin the mood) ? – M at Oct 05 '17 at 16:36
  • 1
    @MahdiRafatjah: If you just want to make the movie impossible to play then partial encryption of strategic, format dependent places, would be enough. If you want to hide which movie was transferred I would not rely on partial encryption. – Steffen Ullrich Oct 05 '17 at 16:38
  • Round reduced versions of ChaCha (ChaCha8 or ChaCha12) are a good choice if you don't care about about a thin security margin. – CodesInChaos Oct 05 '17 at 17:07
  • @MahdiRafatjah If you're dealing with movies you could look into android's DRM library: https://developer.android.com/reference/android/drm/package-summary.html. I've never used it, but it might be relevant. – Rob Rose Oct 06 '17 at 00:35