I'm currently planning to implement an strong encryption in git
(not like gitcrypt, but with encrypted blobs, directories, etc,
directly in the core).

The idea goes like this:

* blobs are encrypted with their (original) content hash as
  encryption keys
* directory objects only hold randomized filenames and pointers
  to the encrypted blob (content hash of the encrypted data)
* new ext-directory objects are holding a mapping of the
  randomized file names to the real ones and the encryption keys,
  stored encrypted similar to the blobs
* ext-directory object is referenced by a special filename in
  the directory object.
* commit objects also hold an encrypted section (eg. uuencoded)
  with the ext-directory node's key, additional commit text, etc,
  itself encrypted with the repository key

This way, the lowlevel / bare repository operations (including
remote sync and gc) should continue to work, while only actual
access (eg. checkout or commit) need to be changed and have the
repository key available.

What do you think about this approach ?

Mit freundlichen Grüßen / Kind regards 

Enrico Weigelt 
VNC - Virtual Network Consult GmbH 
Head Of Development 

Pariser Platz 4a, D-10117 Berlin
Tel.: +49 (30) 3464615-20
Fax: +49 (30) 3464615-59

enrico.weig...@vnc.biz; www.vnc.de 
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to