找到你要的答案

Q:How to provide access to encrypted files without decryption complete?

Q:如何提供对加密文件的访问而不解密完成?

I'm writing a small Java application similar to TrueCrypt, it is a container with encrypted user files.

There is a problem with access to encrypted files. At the moment, I'm using this approach: 1. When connecting the container completely decrypt all files in a common folder. 2. Mount folder as a drive. 3. Watch the events in a folder decrypt files using WatchService. 4. For example, when adding a new file is encrypted, and it is stored in the container. 5. After disconnecting the container delete all encrypt files and unmount folder.

I would like to find a solution that would allow to decrypt only the files that the user wants to use, such as providing the user access only to the names of the files, and when the user wants to use to decrypt only one file.

The requirements are: to use only native system file manager, don't write own file manager, a decision should be cross-platform.

At the moment, there is an idea to implement the FTP protocol, or WebDAV and mount it as a network drive.

Is there a simple and elegant solution?

我在写一个java小应用程序类似的加密软件,它是一个加密的用户文件的容器。

There is a problem with access to encrypted files. At the moment, I'm using this approach: 1. When connecting the container completely decrypt all files in a common folder. 2. Mount folder as a drive. 3. Watch the events in a folder decrypt files using WatchService. 4. For example, when adding a new file is encrypted, and it is stored in the container. 5. After disconnecting the container delete all encrypt files and unmount folder.

我想找到一个解决方案,它只允许解密用户想要使用的文件,例如只提供用户访问文件的名称,当用户只想解密一个文件时。

要求是:只使用本地系统文件管理器,不写自己的文件管理器,决定应该跨平台。

目前,有一种想法实现FTP协议,或WebDAV和安装为网络驱动器。

有一个简单而优雅的解决方案吗?

answer1: 回答1:

One possibility would be to encrypt each file in the container separately. Encrypt the directory separately as well. When connected, just decrypt the directory file for the user to see. Other files are decrypted/encrypted as the user opens and saves them. Use a similar process for subdirectories if any are present.

This is more complex to run than encrypting the whole container in a single large encrypted file. It will also impose a delay on individual file access due to en/decryption.

一种可能性是分别加密容器中的每个文件。分别加密目录。连接时,只需解密目录文件供用户查看。其他文件解密/加密并保存用户打开。使用类似的过程的子目录,如果存在。

这比在单个大型加密文件中加密整个容器更复杂。它也将对个人文件访问延迟由于EN /解密。

java  file  encryption  cryptography  filesystems