Differences
This shows you the differences between the selected revisions of the page.
| file_encryption 2018-06-29 | file_encryption 2019-11-23 (current) | ||
| Line 1: | Line 1: | ||
| ====== File Encryption ====== | ====== File Encryption ====== | ||
| - | The next version of WinSCP will allow your to seamlessly encrypt your files on an SFTP server using AES-256 encryption. | + | WinSCP allows you to seamlessly encrypt your files on an SFTP server using AES-256 encryption. |
| - | As part of session settings, you specify (or have WinSCP generate) an encryption key. WinSCP will then (by default) seamlessly encrypt all newly uploaded files and their names. | + | As part of session settings, you can [[ui_login_encryption|specify (or have WinSCP generate) an encryption key]]. WinSCP will then (by default) seamlessly encrypt all newly uploaded files and their names. |
| - | In WinSCP file panel, you will see original file names and when you download files, you will get original contents. But anyone else, who does not know the key, including a server Administrator, will see only gibberish. | + | In WinSCP file panel, you will see the original file names and when you download files, you will get original contents. But anyone else, who does not know the key, including a server Administrator, will see only gibberish. |
| - | This, combines with [[task_synchronize_full|WinSCP powerful synchronization features]], allows you to use your server quota as a safe backup storage for your private data. | + | This, combined with [[task_synchronize_full|WinSCP powerful synchronization features]], allows you to use your server quota as a safe backup storage for your private data. |
| - | The following images show how an encrypted folder and files show to users who knows and does not know an encryption key: | + | The following images show how an encrypted folder and files show to a user who knows the encryption key and to a user who does not know the encryption key: |
| &screenshotpict(file_encryption) | &screenshotpict(file_encryption) | ||
| + | |||
| + | ===== [[files]] Encrypting Files ===== | ||
| + | |||
| + | The following rules apply for encrypting files (assuming [[ui_login_encryption|file encryption is enabled in session settings]]): | ||
| + | |||
| + | * When overwriting an existing //unencrypted// remote file, the updated file is uploaded //unencrypted// too. | ||
| + | * When overwriting an existing //encrypted// remote file, the updated file is uploaded //encrypted// too. | ||
| + | * When uploading a new file, it is //encrypted// by default (can be changed in [[ui_transfer_custom|transfer settings]]). | ||
| + | * When creating a new folder, its //name// is //encrypted// by default (can be changed in default transfer settings). | ||
| + | |||
| + | You can identify encrypted files and folders using a [[ui_file_panel#special_files|lock overlay icon]]. | ||
| + | |||
| + | ===== [[requirements]] Requirements on Server File System ===== | ||
| + | |||
| + | Encryption of file names uses Base64 encoding. To preserve file names encoded in Base64 encoding, the target file system should be case-sensitive (Linux servers use case-sensitive file systems) or at least case-preserving (with a small risk of collision -- Windows NTFS is case-preserving). | ||
| + | |||
| + | The file system also needs to support reasonably long file names. Base64 encoding adds a 33% overhead to a filename length. Additionally, an encoded salt and the ''.aesctr.enc'' extension add another approximately 33 characters. | ||
| + | |||
| + | With common 255-character limit of common NTFS and ext file systems, file names up to 167-characters long can be stored. | ||
| + | |||
| + | ===== Encryption Details ===== | ||
| + | |||
| + | To encrypt file names and file contents, WinSCP uses industry standard %%AES-256%% CTR encryption. Use of standards guarantees you, that even if WinSCP stops working or becomes unavailable for whatever reason, you will still be able to decrypt your files. | ||
| + | |||
| + | Process of encrypting file names: | ||
| + | |||
| + | * 16 bytes (128 bits) of salt is generated. | ||
| + | * File name is represented in bytes using UTF-8 encoding. | ||
| + | * Encoded file name is encrypted. | ||
| + | * Concatenated salt and encrypted file name are encoded using Base64 encoding. | ||
| + | * All slash characters (''/'') in a result of Base64 encoding are replaced with underscore (''_''). Trailing equal signs (''='') are removed. | ||
| + | * ''.aesctr.enc'' extension is added. | ||
| + | |||
| + | Process of encrypting file contents: | ||
| + | |||
| + | * Fixed file header ''%%aesctr..........%%'' is written to the output file. | ||
| + | * 16 bytes (128 bits) of salt is generated and written to the output file. | ||
| + | * File contents is encoded and written. | ||
| + | * Empty files are encoded as empty files (no header nor salt). | ||
| + | |||
| + | File modification time is stored as is (not encrypted in any way). Encrypted files are 32 bytes larger than originals. Hence size of an original file can also be deduced. | ||
| + | |||
| + | We provide a [[file_encryption_decrypt_script|standalone PowerShell implementation of file decrypting]]. | ||