Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I encrypt user content on my site so that not even I can access the content?

Tags:

encryption

I need to encrypt content in my web application on a per-user basis.

I, the root user, do not want to have access to users' content, period.

How can I make it so users are the only ones with access to their content? Perhaps I can make it so a hash of their login password acts as an encryption and decryption key (then their password is stored one-way hashed in my database, and the encryption/decryption hash is generated from their raw password on login and stored in a local cookie)? But what if they change their password? Then I have to update all their content which could take a lot of processing power.

Is there an encryption method that would provide this, without having to re-encrypt their content if their password changes? Something similar to ecryptfs on Linux, perhaps? Is researching ecryptfs a good place to start?

Is making it so only the user can access their content on my servers (and not even me) even feasible?

like image 562
Chad Johnson Avatar asked Oct 07 '11 16:10

Chad Johnson

People also ask

What do most websites use to enable encryption?

HTTPS uses the encryption protocol called Transport Layer Security (TLS). In the past, an earlier encryption protocol called Secure Sockets Layer (SSL) was the standard, but TLS has replaced SSL. A website that implements HTTPS will have a TLS certificate installed on its origin server. Learn more about TLS and HTTPS.

Can you encrypt data on SharePoint?

Per-file encryption is also in OneDrive for Business and SharePoint Online in Microsoft 365 multi-tenant and new dedicated environments that are built on multi-tenant technology. While BitLocker encrypts all data on a disk, per-file encryption goes even further by including a unique encryption key for each file.

What is TDE and why do we use it?

Transparent data encryption (TDE) encrypts SQL Server, Azure SQL Database, and Azure Synapse Analytics data files. This encryption is known as encrypting data at rest. To help secure a database, you can take precautions like: Designing a secure system.

1 Answers

Process:

  1. Generate a random secret to encrypt their content.
  2. Using their provided password encrypt the random secret from #1.
  3. Store their password as a one-way hash (with salt, maybe multi-hash).

Upon Password change:

  1. Re-generate the value from step #2.
  2. Re-generate the hash-cache from step #3.

Upon Login:

  1. Hash password and check against hash generated in step #3.
  2. If password matches - use actual provided password to decrypt random secret from #2.
  3. Use random secret from #2 to unlock data encrypted in #1.

Notes:

  • No one can decode the data without knowing the random secret (#1). Random secret can only be unlocked with user's actual password (#2) (short of brute-force). User's actual password is only known in one-way hashed form (#3) so you can confirm it's the same, but cannot decode it and recover #2.
  • A forgotten password process is not possible (you can regenerate #3, but random key in #2 is now lost as is everything locked in their vault).
  • You don't have to re-encrypt everything in step #1 every time they change their password, only the (simple/quick) random secret from #2.
  • If you cache their provided password, or the random secret generated at step 1, or their (decrypted) content anywhere you could cause data leaks.
like image 172
Rudu Avatar answered Oct 28 '22 04:10

Rudu
Sign in to Comment

Related questions

Expired SSL Certificate and Encryption
PHP openssl_public_encrypt "key parameter is not a valid key"
Android AES 256-bit Encrypt data
GnuPG: How to encrypt/decrypt files using a certain key?
Stopping decryption before EOF throws exception: Padding is invalid and cannot be removed
How to store modulus, public exponent and private exponent securely on Android?
How to configure SonarCloud
Android public key encryption
Rijndael 256 Encrypt/decrypt between c# and php?
Deterministic RSA encryption in Java
C# AES Rijndael - detecting invalid passwords
How to create a normal password-protected ZIP archive?
How to save CryptoKey in LocalStorage?
What exactly is a "key container"?
Seeking in AES-CTR-encrypted input
How to decrypt an ArrayBuffer?
IV must be 16 bytes long error in AES encryption
Secure Remote Password (SRP) in laymen terms
Why is `sudo` Slow When Password is Incorrect?
Java encryption alternitive to hardcoded key

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!