Random-access file encryption

New Message Reply About this list Date view Thread view Subject view Author view

Frank O'Dwyer (fod@brd.ie)
Wed, 16 Dec 1998 12:04:34 +0000


I'm looking for a good technique for encrypting & integrity protecting
files so that they can still be randomly accessed and updated. I'm
familiar with Matt Blaze's approach to this in CFS, but presumably there
are others. I'd also be interested in any comments on the following
approach:

Assume there is some master key Km for the file, then:

(1) split the file up into fixed size blocks (say 1K).

(2) To protect a block, compute Kbp=SHA1(1,Km,BN) and Kbi=SHA1(2,Km,BN),
where BN is the position of the block in the file. Use Kbp as an
encryption key and Kbi as a MAC key. Compute a MAC over the cleartext
concatenated with BN, then using a random IV encrypt the cleartext and
the resulting MAC, store that and the IV in the file.

(3) To read back a block, compute the keys as before, decrypt then
verify the MAC. Reject blocks whose MAC doesn't verify.

Cheers,
Frank O'Dwyer.


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:17:37