Custom Keys

To create and use a custom key, you simply need to provide a password before submitting the file for upload.

You can use a unique password for each file you upload or use the same password for different files.

Benefits

A custom key (aka password-derived key or password-based key) effectively secures the file from unauthorized access by requiring the key's password to decrypt the file. That is:

• Anyone who tries to visit the file's details/download page will first need to enter the password.
• Anyone who gains access to the file by any other means, such as by breaching the website's security mechanisms, will not be able to decrypt the file without the password.

Drawbacks

Once a file is uploaded, it's encryption key can't be changed, meaning a password can't be added, changed or removed.

If you use a custom key to upload your file, (as the file's owner) you can still access its download page from your account (to view the file details, obtain its download link or delete the file), but you will need to re-enter the password whenever you want to edit its details or download the file.

Creation, storage and deletion

If you use a custom key, the key is temporarily stored as a user session variable in the database from when you submit the password until any of the following has occured:

• you have submitted the file for upload (i.e. your key has been used to encrypt the file)
• you click the password UNSET button, say, after having changed your mind about using a password-derived key
• you manually log out from your login session, which then gets cleared from the database
• 15 minutes elapses while the key is in your session and you subsequently access any page, thus triggering a login session reset
  (A warning about the 15-minute deadline to upload a file is displayed on the upload form after you set a password)

Whenever another user tries to access the download page, the application prompts that user for the file password.

The application then reads the entered password and a set of encryption parameters stored for that file to re-derive the file's encryption/decryption key (see below).

After checking that the key can correctly decrypt the 'check string' stored with the file, the application then caches the key inside the user's session on the server for a maximum of 15 minutes.

When the user then clicks the download button, the module Django Encrypted Files uses the key to decrypt the file during the download process, and the key is then deleted.

Key derivation algorithm

Password-based keys are derived by the installed module PyScrypt.

PyScrypt is a Python programming language implementation of the modern password hashing algorithm scrypt (pronounced "ess-scrypt"), which is one of several such algorithms designed to prevent multiple password attempts in rapid succession (e.g. coming from brute-force attacks or dictionary attacks).

Algorithm input parameters

The application stores the following PyScrypt input parameters with each file that is encrypted from a password-derived key:

• salt (random byte object, utf-8 encoded)
• General work factor (iteration count)
• Memory cost (blocksize in use for underlying hash)
• Computation cost (parallelization factor)
• byte length of hash derived from inputs

The application does not store the key's password in any format.