Is encryption on Tardigrade symmetric? And wouln’t asymmetric like GPG be an additional interesting feature?
So I could have a set of machines uploading stuff to Tardigrade, but don’t worry if the machines get hacked or something. So the key could even become public.
Hower when access data = downloading it, decryption can only be done with the private key which can be stored somewhere completely else then in a more secure/monitored environment.
I would say that depends on your needs. The tardigrade network does care that the data is encrypted but it doesn’t care about which encryption it is. Feel free to use anything you like.
Tardigrade does support read or write only access grants. That doesn’t give you the same benefits but since it is already available I had to point it out.
What I am thinking is if it would be useful to have asymmetric encryption by Tardigrade.
So that you can upload data with a public key but if you use this key for download its only garbage.
Only with private key downlad of files can be accomplished and decrypted.
You still can do it exactly as you described - encrypt it with a public key, upload and share.
Anyone who have a link can download a file, but only who have a private key can decrypt it.
I can’t imagine the use case for that, but you can do it.
For me it’s much simpler to do not store your encryption phrase on the machine, and use only access grant instead.
In this case you can revoke it in any moment and close the access.
The other way is just delete an API key on the satellite.
Right. But the question was such a feature built into Tardigrade would be interesting: Different keys that allow different actions.
So for example I could pass my public key to a helper group who uploads files to my Tardigrade via Filezilla. But they cannot download or decrypt.
When I am back at home I can simply use my private key to get access.
All I aimi trying to figure my mind around is if you have many machines world wide to upload data to Tardigrde and each of it has the full acount information and key, if thouse thet hacked a hacker has access tot Tardigrade data. If in such a case the machines only use a public key, no a hacker has no way to access the data.
I just don’t get it why you need to have a overhead with additional keys?
uplink share --writeonly sj://help-group
And import this access grant to uplink of the helping group. They could upload anything, but cannot read or list. And only you would have a full access.
And do the same for all your machines in the insecure environments.
Of course, if you want - sure, you even can modify a code to support PGP or whatever keys, but why?
To achieve a described goal you do not need to do anything with the keys or code.
I believe it is possible to decode the access grant and get the encryption phrase out of it. Everything else as you said. You can still restrict access. For most use cases this should work fine. The only difference I see is trust. The satellite is checking the restrictions of the access grant. If you don’t trust the satellite then you need a better solution.
As far as I know, you can extract only derived encryption key.
Which could be revoked altogether with access grant.
However, if you do not trust to satellite - use both methods. Restrict an access and encrypt your data with a PGP public key. Then even malicious satellite will not expose your data even if you would have an access grant and derived encryption key.