1

I am wondering if it is at all possible to add a decryption key to a user on a server.

Basically - I want to encrypt a lot of files to avoid information leakage from a potential attack. However, entering the decryption key may be exhausting to the people repeatedly opening the file.

So we get back to the point of my question: Is it possible to install a decryption key onto a user so that they won't have to enter a decryption key every time they open the files in question?

The files in questions are Word 2013 and Excel 2013 files - I know they have in-built encryption, but I can't find in-built decryption outside entering a password.

Noroz
  • 11
  • 1
  • Disclaimer, I'm only an encryption armature. I believe if you encrypt the files with an OpenPGP client (Like GPG), then the person receiving the files may be able to potentially use whats called an Agent (Like GPG-Agent). The agents job is to keep the private key loaded, and decryption tasks are delegated to the agent who only has to load the password protected key once. Disclaimer, I don't do this often enough to know what I'm talking about. Also be mindful that once the file is decrypted, there is no way to force the user to delete the decrypted copy after their done reading it. – ThorSummoner Nov 22 '16 at 21:09

1 Answers1

1

What you are looking for is Active Directory Rights Management or Azure Rights Management. This lets you assign permissions to the document on a per-user basis, protected with basically the same encryption you're asking about.

If you have an AD controlled environment and the documents will only be shared internally, then the AD version is probably the way to go since you likely already have the pieces and licensing. If you need to share outside your AD network or you use Office 365 without AD, then the Azure version is the way to go.

longneck
  • 23,082
  • 4
  • 52
  • 86