How to protect/encrypt R objects in RData files due to EU-GDPR

Question

I want to protect the content of my RData files with a strong encryption algorithm since they may contain sensitive personal data which must not be disclosed due to (legal) EU-GDPR requirements.

How can I do this from within R?

I want to avoid a second manual step to encrypt the RData files after creating them to minimize the risk of forgetting it or overlooking any RData files.

I am working with Windows in this scenario...

Answer 1

library(openssl)

x <- serialize(list(1,2,3), NULL)

passphrase <- charToRaw("This is super secret")
key <- sha256(passphrase)

encrypted_x <- aes_cbc_encrypt(x, key = key)

saveRDS(encrypted_x, "secret-x.rds")

encrypted_y <- readRDS("secret-x.rds")

y <- unserialize(aes_cbc_decrypt(encrypted_y, key = key))

You need to deal with secrets management (i.e. the key) but this general idiom should work (with a tad more bulletproofing).

Answer 2

I know it's very late but checkout this package endecrypt

Installation :

devtools::install_github("RevanthNemani\endecrypt")

Use the following functions for column encryption:

airquality <- EncryptDf(x = airquality, pub.key = pubkey, encryption.type = "aes256")

For column decryption:

airquality <- DecryptDf(x = airquality, prv.key = prvkey, encryption.type = "aes256")

Checkout this Github page

Just remember to generate your keys and save it for first use. Load the keys when required and supply the key object to the functions.

Eg

SaveGenKey(bits = 2048,
              private.key.path = "Encription/private.pem",
              public.key.path = "Encription/public.pem")

# Load keys already stored using this function 
prvkey <- LoadKey(key.path = "Encription/private.pem", Private = T)

It is very easy to use and your dataframes can be stored in a database or Rdata file.