I need to encrypt some bigger files < 1GB in a secure and efficient way. Is it a good idea to use JOSE JWE libraries for that purpose? Is there any other option you can recommend?
Thanks, Simon
Asked
Active
Viewed 322 times
1 Answers
0
This is not a good idea. JWE stands for Encrypted JSON Web tokens and is meant to be used in a web context (i.e. HTTP/HTTPS protocols). The payload is encrypted but also encoded in base64 url safe and thus the size of the encrypted payload will be larger than the original file (approx. +30% overhead) plus the header, encrypted CEK and IV.
A 1GB file will be encrypted into a 1.3GB token…
You should definitively choose a dedicated and secured file transfert protocol e.g. SCP or SFTP
Spomky-Labs
- 15,473
- 5
- 40
- 64