How to securely encrypt shared data for a dynamic amount of users?
Bob uploads a file to my custom file server locked with a password, which then the file server generates a link for him to share
- Bob wants to be able to share this data to anyone that has this link
- Bob doesn't want anyone but the people that have the link and password to access his data, not even the server administrator
I do not want to store any private keys on my file server's filesystem, because that isn't safe in any way if the server were to be compromised.
I have Key Derivation in the works, but when the user session is expired or the server restarts, they would have to re-enter the password for the shared data.
What kind of encryption technique on the file server would I use to solve these issues?
The service MEGA is using a similar approach. This just an example of an implementation and not an endorsement of this particular service.