[Cryptography] Best/simplest document encryption
Henry Baker
hbaker1 at pipeline.com
Thu Mar 21 16:54:14 EDT 2019
Hi all:
Here's the most basic crypto question of all:
What is the best (most secure & easiest to
use) system for *non-crypto* people to use
who have different platforms?
I.e., there are *senders* and *receivers*:
Senders can encrypt & send from a number of
different platforms: Windows, MacOs, Linux,
iPhone, Android. Document can be anything
from a text file to a (small) movie.
Receivers can decrypt & receive on the
same platforms.
I don't trust Chrome or Firefox to do the
encryption/decryption, but I'm happy to let
them do the transmission of the encrypted
document.
I would love to use an open source system
if one exists, and I'd love to be able to
do a *reproducible build* of such a system.
For this purpose, I'm primarily interested
in commercial secrets, but these secrets
could conceivably be worth > $1 million.
Obviously, I can't control what happens if
either the sender's or receiver's platform
is compromised, but I would like to force
the sender & receiver to actually type in
a password/passphrase that they can exchange
via a 2FA (e.g., a phone call).
For this particular application, a symmetric
key system might be adequate.
It might be a good thing if the encryption
program kept a history list of salted hashed
passphrases to make sure that the user never
used any of these again.
More information about the cryptography
mailing list