> PGP? Hi
I would look at the openPGP specs. http://en.m.wikipedia.org/wiki/OpenPGP#OpenPGP I think you can solve your projects requirements with GnuPG. If you like to "weld" it better with you software project, you might look at Gpgme (http://www.gnupg.org/related_software/gpgme/). It's basically a c library. If you like to go a level deeper and also like to avoid GPL (License) you should consider implementing a custom file format with OpenSSL. There you should take a close look at http://www.openssl.org/docs/crypto/EVP_SealInit.html# > > Down the same lines, I'm wondering if something like AES-256 should be used > with several "rounds" (encrypting the encrypted data N times) to help prevent > (slow down) an exhaustive attack? Better look at GnuPG. It will encrypt the file with a "session key" AES256. The key itself it RSA public key encrypted. > > How is something like this usually done? Any suggestions/recommendations > inside or outside the box? > > It would also be nice if a common, widely available unencrypting tool could > be easily used to unencrypt the document if the secret string is known. Then you definitively go for openPGP (GnuPG) or S/Mime In my eyes both format perform bad on large (very large 512MB+). Jonas > > Thanks! > > joe.flow...@nofreewill.com > > ------- > > > >
