1

We are building a mobile app which requires storing files encrypted on the device and later upload it to a server. Only the server needs to be able to decrypt it and if the device is compromised the files should be not decryptable.

I've been exploring using public key encryption for this purpose however I've read in some places that using asymmetric keys to encrypt large files isn't efficient and envelop encryption is a better approach. The steps for envelop encryption/decryption are

  1. Client device (C) gets Server (S) public key
  2. C creates a symmetric data encryption key (DK)
  3. C encrypts file using DK
  4. C encrypts DK with S's public key
  5. C uploads file to S with both the encrypted file and encrypted DK
  6. S decrypts the encrypted DK using it's private key
  7. S decrypts the file using DK

My question: Are the above steps correct and are there libraries that implement this flow? AWS encryption SDK provides this functionality, however we need to implement this in mobile app which isn't able to connect to/use AWS

ubi
  • 4,041
  • 3
  • 33
  • 50

1 Answers1

2

Are the above steps correct

Indeed these steps are correct to encrypt using asymmetric encryption (PKI)

are there libraries that implement this flow

You can use the default crypto package. Please the Cipher class for supported set of ciphers.

gusto2
  • 11,210
  • 2
  • 17
  • 36
  • The _device is compromised requirement_ bothers, me. The key derivation method shouldn't be deterministic and it is not mentioned. The Sealed box is very good but has anonymity. – kelalaka Feb 17 '19 at 20:32