Encrypted Container File: Design and Implementation of a Hybrid-Encrypted Multi-Recipient File Structure

TL;DR

This paper introduces Encrypted Container Files (ECF), a novel hybrid-encrypted multi-recipient file structure designed to enhance data privacy in cloud-based collaborative environments by allowing only authorized groups to decrypt shared files.

Contribution

The paper presents a new ECF solution that overcomes limitations of existing tools, enabling secure multi-recipient encryption tailored for cloud collaboration.

Findings

ECF effectively restricts access to authorized groups.

The solution improves upon existing encryption tools.

ECF is suitable for cloud-native development environments.

Abstract

Modern software engineering trends towards Cloud-native software development by international teams of developers. Cloud-based version management services, such as GitHub, are used for the source code and other artifacts created during the development process. However, using such a service usually means that every developer has access to all data stored on the platform. Particularly, if the developers belong to different companies or organizations, it would be desirable for sensitive files to be encrypted in such a way that these can only be decrypted again by a group of previously defined people. In this paper, we examine currently available tools that address this problem, but which have certain shortcomings. We then present our own solution, Encrypted Container Files (ECF), for this problem, eliminating the deficiencies found in the other tools.