I'm creating a cloud storage service and need to have the ability to provide reliable security for clients. In my previous question, I used a different schematic and said I would post a new question.
I'm still trying to achieve security against the NSA and the possibility of legal issues. I would like to have my users encrypt their files before sending them to my servers. I will use AES-256 and the key will be created by hashing the user's password 1,048,576 (2^20) times to avoid brute force attempts.
The issue is that anyone can upload files, delete files, or modify them this way. I need to be able to verify the password, but at the same time, not expose it to the server. I was wondering if the password could be use to sign the information sent to the server, to not only verify the identity of the user, but also prevent tampering of the contents during transportation. What is the best way to do this without exposing the password or its hash?