You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've recently come across JuiceFS, which seems a very promising distributed filesystem.
However, since I am a security professional, I got interested in reading the "Data Encryption" page and can't understand why there is the presence of a "RSA private key" involved in the encryption process.
Question 1:
Generating a symmetric key for each block/object and then encrypting it with a master symmetric key, derived from a user passphrase, is common practice in the industry. Why in this case there is involved a RSA key?
Question 2:
If question 1 is replied, then why is the encrypting RSA key a private one? Private keys should be only used for signing, since decryption would happen by using public keys, which is not good nor common. Is this a typo?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi,
I've recently come across JuiceFS, which seems a very promising distributed filesystem.
However, since I am a security professional, I got interested in reading the "Data Encryption" page and can't understand why there is the presence of a "RSA private key" involved in the encryption process.
Question 1:
Generating a symmetric key for each block/object and then encrypting it with a master symmetric key, derived from a user passphrase, is common practice in the industry. Why in this case there is involved a RSA key?
Question 2:
If question 1 is replied, then why is the encrypting RSA key a private one? Private keys should be only used for signing, since decryption would happen by using public keys, which is not good nor common. Is this a typo?
Thank you
Beta Was this translation helpful? Give feedback.
All reactions