1

Is there any way to remotely verify that a file is encrypted?

I have a very complex problem, but here's a simplified scenario that illustrates the point:

I have a server that generates very large video files. I want these to be encrypted at the file level before they're downloaded. (Could be a non-secure connection.) I know the key to these files, and I should be able to decrypt any of the files.

Is there any way for me to verify that the files are actually encrypted before transferring them over an unsecured network?

Sauce McBoss
  • 111
  • 3

2 Answers2

1

How are you encrypting them? For example, if you're using gpg, the file command recognises the encryption format (and can even distinguish between ASCII-armoured and non-armoured output):

[madhatta@risby tmp]$ ls -la > foo
[madhatta@risby tmp]$ gpg -e -r fred foo 
[madhatta@risby tmp]$ gpg -e -r fred --no-armor foo 
[madhatta@risby tmp]$ file foo foo.asc foo.gpg
foo:     ASCII text
foo.asc: PGP message
foo.gpg: GPG encrypted data

Edit: I think I see what you're asking for, but I don't much see the point. Assuming that you could somehow set up a certificating authority which recognised every file, and issue some sort of certificate of "encryptedness", how would you use it? To identify the file which it certified with any reliability, it'd have to include a checksum of some kind, and to evaluate that checksum, you'd have to get the original file. Better to just get the original file, and evaluate that.

Sure, you could embed pathnames in the certificates, but then each certificate would have to be checked against a real-time CRL, to avoid people simply decrypting a file in situ and leaving the old certificate in place; and some other system would have to constantly police file changes and update that CRL. No, if you want to do this remotely, may I suggest:

ssh server file foo.asc
MadHatter
  • 79,770
  • 20
  • 184
  • 232
  • Awesome! I didn't know you could do that. But, is there a way to check this remotely? It seems like the check can only be run on the local machine. Is there any way to generate some kind of a certificate of encryption for the file? It's been pointed out that this setup may be susceptible to a TOCTOU attack. Is there any way around this? – Sauce McBoss Oct 10 '12 at 16:17
0

Most (all) chaining modes for symmetrical encryption will work correctly on a truncated version of the file.

So, in principle, you could download the start of the file, decrypt it locally, and verify that it corresponds to truncated cleartext. Then you have a proof that at least the start of the file was correctly encrypted; and if not, you have only leaked a small piece of your data.

Details depends on which encrypted format you are using exactly. At the very least, make a truncation that fits the size of the block cipher being used, and you may need to take some headers into account.

b0fh
  • 3,313
  • 1
  • 21
  • 32