-
Notifications
You must be signed in to change notification settings - Fork 2
Open
Description
Ideally we'd be able to send a user a link to the repo including a short password and then they'd be able to download and decrypt the repo with that password.
It seems like argon2 is the current state of the art in key derivation. Here's the thinking:
- Add a plain text file to the encrypted repo which contains
- The key derivation salt and other inputs
- The key length, potentially for each key
- Some kind of encryption "version" or algorithm information
- This would allow for future upgrades of the protocols in use, etc
This would allow somebody knowing the password and having the repo contents to be able to decrypt, while still making the contents without the password impossible (currently computationally infeasible) to decrypt.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels