Self encrypting files (convergent encryption plus obfuscation)
|MaidSafe website||SAFE Dev Forum||SAFE Network Forum|
A version of convergent encryption with an additional obfuscation step. This pattern allows secured data that can also be de-duplicated. This library presents an API that can be utilised in any application that provides a POSIX like filesystem interface, dealing very effectively with the content part of any data (in tests the parallelised approach can actually be faster than reading/writing data as a single stream). It is important to realise two important aspects of this library:
- This library deals with file content only
- This library provides very secure data, but does return a data structure (DataMap) that in turn requires to be secured.
Video of the process
This library splits a file into encrypted chunks and also produces a data map for the same. This data map with encrypted chunks enables the file to be reconstituted. Instructions to use the 'basic_encryptor' example are as follows:
Encrypt a file:
cargo run --example basic_encryptor -- -e <full_path_to_any_file>
You should now have the example binary in
data_map for the given file and it's encrypted chunks will be written to the current directory.
Decrypt a file:
cargo run --example basic_encryptor -- -d <full_path_to_data_map> <full_destination_path_including_filename>
This will restore the original file to the given destination path.
self_encryption is licensed under GPLv3 with linking exception. This means you can link to and use the library from any program, proprietary or open source; paid or gratis. However, if you modify self_encryption, you must distribute the source to your modified version under the terms of the GPLv3.
See the LICENSE file for more details.