I was thinking about my implementation of sending index updates to Syncthing and it got me thinking about encrypted data on untrusted hosts. If we picked a symmetric encryption (such as ChaCha20) and create / set a single key that is shared out of band, then it could work.
On a trusted host with the files you want to share you would set it to encrypt all outgoing index updates and block responses. This would send the encrypted filename encoded as base64. I would probably use the first two characters as directories so we don’t end up with too many files in one folder.
So my index update would have this as the filename
The rest of the metadata would be the same, but I would be OK with having modification time, owner etc in clear text. Not sure if this information is sensitive enough to worry about?
On each block request, the block is taken from disc and encrypted with the cipher and key, before being sent to the peer. This has a fair overhead, but most untrusted hosts are not local and so unlikely to be the bottleneck.
When receiving an index update, the first two directories are dropped and the filename is decrypted, updating as normal. The same is done for requested blocks.
Only instances that have a valid key decrypt the filenames and data to disc. Instances without a valid key simply store the encrypted filenames and blocks as usual.
I’ve almost certainly missed something obvious, but it seemed like it could be implemented without too many changes?