Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have a P2P backup network where a peer can store data and retrieve it later from another peer. What are the best security measures I can take so that data wont be read by other users which have not created it? I was going to use single key encryption and digital signatures but I am sure whether this is the correct approach.
Thanks in advance for your help
Symmetric key (single key) encryption will work. However, getting it right is a bit tricky — be sure to learn about cipher operating modes. You should ask the user for a password, and use that to derive a master encryption key. Then you should encrypt each data block (you’re splitting your data into blocks, right?) with a key based on the master key and block number.
Digital signatures won’t prevent eavesdroping, but you should sign the content anyway, because you can’t trust the peer to give you the correct content. You should use MACs (message authentication codes), since you will have already established symmetric key anyway, and the user is the only party that needs to verify the signature.