PUBLIC MARKS with tag crypto

Tarsnap is a secure online backup service for BSD, Linux, OS X, Solaris, Cygwin, and can probably be compiled on many other UNIX-like operating systems. The Tarsnap client code provides a flexible and powerful command-line interface which can be used directly or via shell scripts.

Since all files are encrypted your data is safe from everyone—even us.

An easy-to-use encryption system utilizing RSA and AES for javascript.

No centralization of data in one big database, no trusted dealer/counter/connector, just individuals exchanging coded messages in a particular order and obtaining a trustworthy result. Cryptographers call this secure multi-party computation.

The idea of Grendel is to provide an internal (behind-the-firewall) REST-based web service to keep a user’s data encrypted and ensure its integrity when the user isn’t using it. Grendel uses OpenPGP to store data, with the user’s password encrypting an OpenPGP keyset. That model makes it easy for a web site to store data safely and only decrypt it when the user is logged into the site. Since only the user has their password, once they log out, their data is safe, even if the web site’s database is compromised or stolen. Of course this isn’t an infallible protection — there is no such thing — and in particular it doesn’t protect against web site developers acting in bad faith. It does, though, protect against an attacker getting access to all the secrets stored by users in one step.