I'm building a prototype of a (rather simple) Dropbox-type file sharing service, where users can upload & share file(s) with other user(s).
But here's a feature request:
I want file(s) to be stored on the server in encrypted form, and
I do not want to store any keys on the server. (i.e. I don't want to give the service's maintainer the ability to access user's data.)
I don't want to force users to use 2nd (decryption?) password(s) for shared files.
Is there any cryptographic protocol that fits this task?
My previous read is:
Pattern to allow multiple persons to decrypt a document, without sharing the encryption key?
but access right revocation seems pretty complex in this case.
Broadcast/multicast encryption, maybe? I just don't know where to dig.
Aucun commentaire:
Enregistrer un commentaire