Which are good practices for archiving encrypted files?

2 points by giomasce ↗ HN
I am thinking about writing a program that archives data in a long-lasting storage (which can be both an online storage, or a local offline one). I want to encrypt the data, but I am not expert in practical cryptography. Are there lists of good practices about what to do and what to avoid?

* By "archiving" I mean "storing data for a long time, adding some new data every now and then, and retrieving some old data every now and then". Probably the usage pattern is close to that of a backup, although the data does not need to be a backup.

* Data will be organized on a key/value format. Ideally the user wanting to access some data would provide a password that unlocks some key/value pairs, which contain an index of the stored data and possibly the cryptographic keys further required to decrypt actual data.

* Both cases of online storage (on AWS, Google Drive, ...) and offline storage (external disk in my house) are interesting to me.

* I am asking for best practices on the encryption level, not on other parts of the system. So, for example, which cypher algorithms are better suited for long-lasting archival (opposed to short-lived TLS connections, for example) and whether and how to handle different encryption keys for different kinds of key/value pairs (see for example the distinction index vs data above).

* I would code this in Python, in case it is relevant.

1 comment

[ 3.1 ms ] story [ 12.9 ms ] thread
Why do you want to encrypt the data?