javascript - Envelop encryption large file
问题描述
We are building a mobile app which requires storing files encrypted on the device and later upload it to a server. Only the server needs to be able to decrypt it and if the device is compromised the files should be not decryptable.
I've been exploring using public key encryption for this purpose however I've read in some places that using asymmetric keys to encrypt large files isn't efficient and envelop encryption is a better approach. The steps for envelop encryption/decryption are
- Client device (C) gets Server (S) public key
- C creates a symmetric data encryption key (DK)
- C encrypts file using DK
- C encrypts DK with S's public key
- C uploads file to S with both the encrypted file and encrypted DK
- S decrypts the encrypted DK using it's private key
- S decrypts the file using DK
My question: Are the above steps correct and are there libraries that implement this flow? AWS encryption SDK provides this functionality, however we need to implement this in mobile app which isn't able to connect to/use AWS
解决方案
推荐阅读
- angular - 只有第一个元素的数据以模态形式出现 Angular ngFor
- android - 如何从 Google Play 控制台退出 Android Auto
- python - Python Matplotlib - 如何仅在折线图上注释 y 轴值?
- android - 为什么我不能在 Android 上使用 Qt 在 app 目录中创建多个文件
- c++ - gcd 和 lcm 函数在具有 mingw 的 Vs 代码编辑器中不起作用
- r - 如何添加一个名为“moneyness”的变量,当没钱时取 TRUE,否则取 FALSE?
- scala - 为Dataframe中的每一行执行API调用(scala)
- amazon-web-services - AWS Step Function ContainerOverrides 清除已定义的环境变量
- c# - 使用动态运算符过滤键值对
- php - 创建项目 Laravel 安装失败