
encryption algorithms

I have a P2P backup network where a peer can store data and retrieve it later from another peer. What are the best security measures I can take so that data won't be read by other users who have not created it? I was going to use single key encryption and digital signatures, but I am not sure whether this is the correct approach. Thanks in advance for your help.


Symmetric key (single key) encryption will work. However, getting it right is a bit tricky -- be sure to learn about cipher operating modes. You should ask the user for a password, and use that to derive a master encryption key. Then you should encrypt each data block (you're splitting your data into blocks, right?) with a key based on the master key and block number.

Digital signatures won't prevent eavesdropping, but you should sign the content anyway, because you can't trust the peer to give you the correct content. You should use MACs (message authentication codes), since you will have already established a symmetric key anyway, and the user is the only party that needs to verify the signature.
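The key hierarchy this answer describes, written out as an added example in Go (this is not code from the question or from any of the answers): a password-derived master key, a separate AES-256 key for every block number, and AES-GCM for each block, which supplies the MAC the answer calls for. The PBKDF2 implementation, the block-key label string, the salt value and the sample block are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// pbkdf2SHA256 is PBKDF2-HMAC-SHA256 (RFC 8018) on the standard library alone; in
// production use scrypt or Argon2. iter is the work factor each password guess must pay.
func pbkdf2SHA256(password, salt []byte, iter, keyLen int) []byte {
	prf := hmac.New(sha256.New, password)
	var out []byte
	ctr := make([]byte, 4)
	for block := uint32(1); len(out) < keyLen; block++ {
		binary.BigEndian.PutUint32(ctr, block)
		prf.Reset()
		prf.Write(salt)
		prf.Write(ctr)
		u := prf.Sum(nil)              // U_1 = PRF(P, S || INT(block))
		t := append([]byte(nil), u...) // T = U_1 ^ U_2 ^ ... ^ U_iter
		for i := 1; i < iter; i++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// DeriveMasterKey turns the user's password into a 256-bit master key. The salt is
// random per user and stored beside the backup; it does not need to be secret.
func DeriveMasterKey(password string, salt []byte, iter int) []byte {
	return pbkdf2SHA256([]byte(password), salt, iter, 32)
}

func blockNumber(idx uint64) []byte { return binary.BigEndian.AppendUint64(nil, idx) }

// blockKey derives a separate AES-256 key for block idx; one block's key reveals
// nothing about the master key or any other block's key.
func blockKey(master []byte, idx uint64) []byte {
	m := hmac.New(sha256.New, master)
	m.Write([]byte("p2p-backup block key v1")) // domain label; an assumption of this example
	m.Write(blockNumber(idx))
	return m.Sum(nil)
}

func gcmFor(master []byte, idx uint64) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(blockKey(master, idx))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// SealBlock encrypts one block with AES-256-GCM, which also supplies the MAC the
// answer asks for. The block number is bound as associated data, so a peer cannot
// serve block 3 when block 0 was requested. Layout: 12-byte nonce || ciphertext || 16-byte tag.
func SealBlock(master []byte, idx uint64, plaintext []byte) ([]byte, error) {
	g, err := gcmFor(master, idx)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plaintext, blockNumber(idx)), nil
}

// OpenBlock verifies and decrypts a stored block; a flipped bit, a truncated or
// substituted blob, or a wrong password all fail closed with an error.
func OpenBlock(master []byte, idx uint64, blob []byte) ([]byte, error) {
	g, err := gcmFor(master, idx)
	if err != nil {
		return nil, err
	}
	if len(blob) < g.NonceSize()+g.Overhead() {
		return nil, fmt.Errorf("blob too short: %d bytes", len(blob))
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], blockNumber(idx))
}

func main() {
	salt := []byte("random-per-user-salt") // assumption: drawn from crypto/rand once, stored beside the backup
	master := DeriveMasterKey("correct horse battery staple", salt, 100000)
	blob, _ := SealBlock(master, 0, []byte("block 0 of the backup")) // constructed sample block
	got, err := OpenBlock(master, 0, blob)
	fmt.Printf("stored %d bytes, round trip ok: %v\n", len(blob), err == nil && string(got) == "block 0 of the backup")
}
```

Two practical points. First, the password is the root of everything: the storing peer holds every ciphertext, so nothing rate-limits an offline guess, and the iteration count (or the memory cost of scrypt/Argon2) is all that slows it down. Second, the salt and the block numbering both feed the key derivation, so they must be stored with the backup and never change; the random 96-bit GCM nonce is safe here because every block already has its own key.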


The question is vague, but anyway here goes:

Each peer generates a unique encryption key, known only to itself. When it needs to store data, it should do e.g.: hash the data with e.g. a SHA algorithm, concatenate the data and hash, encrypt, store. This allows for a cheap verification of the data after retrieval without having to deal with asymmetric algorithms.

To summarize: use hashing and symmetric encryption algorithms without known weaknesses, such as SHA-2 and AES; avoid e.g. MD5 and DES. No need for asymmetric algorithms such as RSA/DSA; rather, sign with an embedded hash.


If, as I understood, it is only the creator that retrieves the stored data, then a single key encryption mechanism should be enough, because data are encrypted and decrypted only by that user, without the need for a key exchange.

Certificates (or public/private keys) aren't necessary because no other users are involved in the encryption process.

Take into consideration also the need to use a MAC function (Message Authentication Code) to ensure that the stored data hasn't been modified.
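The hash-inside-the-ciphertext check from the answer above this one and the MAC this answer asks for are not interchangeable, and the difference matters precisely because the storing peer is the party you distrust. The following is an added example in Go (mine, not code from either answer): it implements the hash-then-encrypt layout literally with AES-CTR, shows how a peer that knows the original plaintext can rewrite it without the key while the embedded hash still verifies, and then applies a keyed HMAC over the stored blob, which rejects the same forgery. The keys, the demo plaintexts and the blob layouts are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// newCTR builds an AES-256-CTR keystream. CTR is a stream mode: flipping one
// ciphertext bit flips exactly the same plaintext bit and nothing else.
func newCTR(key, iv []byte) cipher.Stream {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // keys in this example are always 32 bytes
	}
	return cipher.NewCTR(blk, iv)
}

func randIV() []byte {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		panic(err)
	}
	return iv
}

// StoreHashInside is the hash-then-encrypt pattern taken literally: hash, append, encrypt.
// Layout: 16-byte IV || CTR(data || SHA-256(data)).
func StoreHashInside(key, data []byte) []byte {
	sum := sha256.Sum256(data)
	msg := append(append([]byte{}, data...), sum[:]...)
	iv := randIV()
	out := make([]byte, len(msg))
	newCTR(key, iv).XORKeyStream(out, msg)
	return append(iv, out...)
}

// RetrieveHashInside decrypts, then recomputes and compares the embedded hash.
func RetrieveHashInside(key, blob []byte) ([]byte, error) {
	if len(blob) < aes.BlockSize+sha256.Size {
		return nil, errors.New("blob too short")
	}
	msg := make([]byte, len(blob)-aes.BlockSize)
	newCTR(key, blob[:aes.BlockSize]).XORKeyStream(msg, blob[aes.BlockSize:])
	data, tag := msg[:len(msg)-sha256.Size], msg[len(msg)-sha256.Size:]
	if sum := sha256.Sum256(data); !hmac.Equal(sum[:], tag) {
		return nil, errors.New("embedded hash mismatch")
	}
	return data, nil
}

// ForgeHashInside is what a storing peer can do WITHOUT the key when it knows the
// original plaintext (say, a file it also holds): XOR known^want into the data
// bytes and SHA-256(known)^SHA-256(want) into the hash bytes. The check still passes.
func ForgeHashInside(blob, known, want []byte) ([]byte, error) {
	if len(known) != len(want) || len(blob) != aes.BlockSize+len(known)+sha256.Size {
		return nil, errors.New("replacement must keep the original length")
	}
	oldSum, newSum := sha256.Sum256(known), sha256.Sum256(want)
	forged := append([]byte{}, blob...)
	body := forged[aes.BlockSize:]
	for i := range want {
		body[i] ^= known[i] ^ want[i]
	}
	for i := range oldSum {
		body[len(want)+i] ^= oldSum[i] ^ newSum[i]
	}
	return forged, nil
}

// Tag and Verify are the MAC this answer asks for: HMAC-SHA256 over the whole stored
// blob under a key the peer never sees, checked in constant time before anything is decrypted.
func Tag(macKey, blob []byte) []byte {
	m := hmac.New(sha256.New, macKey)
	m.Write(blob)
	return m.Sum(nil)
}

func Verify(macKey, blob, tag []byte) bool { return hmac.Equal(Tag(macKey, blob), tag) }

func main() {
	// Constructed demo keys: a real peer draws two independent 32-byte keys from crypto/rand.
	encKey, macKey := sha256.Sum256([]byte("demo enc key")), sha256.Sum256([]byte("demo mac key"))
	known, want := []byte("PAY 0100 TO ALICE"), []byte("PAY 9900 TO ALICE")
	blob := StoreHashInside(encKey[:], known)
	tag := Tag(macKey[:], blob)
	forged, _ := ForgeHashInside(blob, known, want)
	got, err := RetrieveHashInside(encKey[:], forged)
	fmt.Printf("embedded hash: forged blob decrypts to %q, accepted: %v\n", got, err == nil)
	fmt.Printf("keyed MAC: genuine blob accepted: %v, forged blob accepted: %v\n",
		Verify(macKey[:], blob, tag), Verify(macKey[:], forged, tag))
}
```

The forgery relies on CTR's bit-level malleability plus known plaintext; other unauthenticated modes give the attacker a different amount of control, but in all of them the embedded hash is unkeyed, so the fix is the same: authenticate the stored blob with a key the peer does not have (HMAC as here, or an AEAD mode such as AES-GCM), use separate keys for encryption and for the MAC, and verify before decrypting.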


The primary way of busting encryption, especially in this scenario, still is brute force. It works very well and very efficiently in most cases.

To crack for example the secret token used to sign some URL or the password behind an md5 hash you can just crank up a bunch of Amazon EC2 instances, just pay for them for the time you need them, and distribute the brute force attack. Most algorithms work far better on GPUs rather than CPUs, but it's mostly more convenient because you can rent and share CPUs better.

So what does this mean? In theory you can bust into any password or key protected account in a matter of minutes if you can distribute the attack. In practice this mostly doesn't work because the authentication server limits the number of requests, therefore limiting your ability to apply brute force.

In this case it sounds like you are completely giving away the data to a potential attacker.

So if you store files on my computer and I want to crack them, I can distribute them to a huge computing cloud (that only costs me a few hundred bucks for that short endeavour) and bust your signature.

If this is possible, not even long digital signatures are secure. Of course the amount of computing power needed rises exponentially with the length of the key, but that's not really enough.

So after this introduction ... what is the way to go?

In my opinion the best would be to generate a unique signature for each and every file and leave them at the client side. Do NOT use a shared signature.

So if I send over fileA.zip to your server I keep a fileA.zip.key on my side that enables me to decipher it. In this way you can bust one file, but my account is not compromised.

If you do a 2048 bit key or something that is stored for every file individually, this should be really quite secure.

You can also think about using bcrypt, where you can deliberately slow down the encryption process to make attacks harder. But keep in mind that this also slows down the deciphering on your end. But if it's backup storage or something similar, this would be a considerable security gain.
