> Sam, you mentioned that in your app, every user has his own pair of
> keys and the private key is stored encrypted with the user's password.
> How many users does your system have?  I was also considering trying
> to set something like this up, but I believe it will be far too much
> overhead for the number of users my system will have.

My system might have potentially many thousand users. For me, this
approach only makes sense, because every user is storing and sharing
very sensitive information that only a limited number of people may
access.

> Maybe this isn't the right approach for what I need to accomplish.  In
> more detail, what I want is to allow users to be able to flag certain
> content to be encrypted within the DB.  The system will have many
> users (possibly tens of thousands) that will be able to request to see
> this content when they are logged in (which will require the encrypted
> content to be retrieved, decrypted, and presented to the user).

If all users may access the same information, then you could use a
shared key for all users. You could then encrypt the single private
key with each user's password. One drawback with a shared key is that
if one user has a weak password, it might be very easy to compromise
your data through brute forcing the key. Also, it is not so easy to
retract a compromised key. Assigning each user his own pair of keys
gives you other advantages like ensuring authenticity and integrity of
the stored information.

Anyway: There is not a single solution that fits all needs. It all
depends on what kind of threats you want to protect your data against.
And: I am not an encryption expert, just someone trying to solve a
similar problem.
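
The shared-key arrangement described in the reply above, as an added example that is not part of the original message: one shared key is stored once per user, encrypted under a key derived from that user's password. PBKDF2-HMAC-SHA256, AES-256-GCM, the iteration count, the helper names and the sample users are assumptions made for this example, and a random 32-byte key stands in for the shared private key.

```ruby
require "openssl"
require "securerandom"

# Assumption: the thread names no algorithms; these are choices for this example.
PBKDF2_ITERATIONS = 100_000

def derive_kek(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, PBKDF2_ITERATIONS, 32,
                             OpenSSL::Digest.new("SHA256"))
end

# Encrypt the shared key under a key derived from one user's password.
def wrap_key(shared_key, password)
  salt = SecureRandom.random_bytes(16) # fresh salt per user row
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = derive_kek(password, salt)
  iv = cipher.random_iv
  ct = cipher.update(shared_key) + cipher.final
  { salt: salt, iv: iv, ct: ct, tag: cipher.auth_tag }
end

# Returns the shared key, or nil when the password is wrong or the row was altered.
def unwrap_key(wrapped, password)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = derive_kek(password, wrapped[:salt])
  cipher.iv = wrapped[:iv]
  cipher.auth_tag = wrapped[:tag]
  cipher.update(wrapped[:ct]) + cipher.final
rescue OpenSSL::Cipher::CipherError
  nil
end

# Constructed sample users; in an application the password is only seen at login.
USERS = { "alice" => "correct horse battery staple", "bob" => "123456" }
SHARED_KEY = SecureRandom.random_bytes(32)
WRAPPED = USERS.transform_values { |pw| wrap_key(SHARED_KEY, pw) }

# Every user's row opens to the same key, so the weakest password guards all data.
def same_key_for_all?
  USERS.all? { |name, pw| unwrap_key(WRAPPED[name], pw) == SHARED_KEY }
end

# Retracting a compromised key: the new key has to be wrapped again for every
# user, and any row wrapped before the rotation still opens to the old key.
def rotate(passwords)
  new_key = SecureRandom.random_bytes(32)
  [new_key, passwords.transform_values { |pw| wrap_key(new_key, pw) }]
end
```

Rotation also means re-encrypting the stored content under the new key, which this sketch leaves out.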
