User-1209063919 posted
I would like to be able to give my users the ability to securely upload and store files, sometimes upwards to about a gigabyte in size. I'm not quite sure what's the best way to go about doing this. I would like to have the connection between the client
and the server secured, so I'm sure I will probably have to use SSL. Now, my major crux is secure storage. Being that the data is somewhat sensitive, I'm wondering if I should encrypt the file before it is stored. I guess my question is, should I open the
file and encrypt each byte or encrypt the file as a whole. I'm assuming that the latter is the better option. I know that there are a number of examples of how to encrypt a file using a number of different methods (aes, des, md5 (hashing not really encrypting),
etc). Currently, to encrypt text, I am using the Rijndael algorithm, sha1, 256 bit keys, a predefined passphrase, salt value, and IV.
Thanks in advance for any help you may be able to lend...
Jim