Description
Easy Encryption of R Objects using Strong Modern Cryptography.
Description
Encrypt R objects to a raw vector or file using modern cryptographic techniques. Password-based key derivation is with 'Argon2' (<https://en.wikipedia.org/wiki/Argon2>). Objects are serialized and then encrypted using 'XChaCha20-Poly1305' (<https://en.wikipedia.org/wiki/ChaCha20-Poly1305>) which follows RFC 8439 for authenticated encryption (<https://en.wikipedia.org/wiki/Authenticated_encryption>). Cryptographic functions are provided by the included 'monocypher' 'C' library (<https://monocypher.org>).
README.md
Encryption for R Data
{rmonocypher} provides a simple, high-level interface for easily encrypting R objects using a strong, modern cryptographic technique.
A typical use-case this package addresses:
I want to easily encrypt and save data to a public location
(e.g. shared drive, cloud drive, etc) which only I can decrypt.
What’s in the box
decrypt()/encrypt()read/write encrypted R objects to fileargon2()derives encryption keys from passwordsrbyte()generates secure random bytes using your operating system’s CSPRNG.
Technical bona fides
- Cryptographic primitives are provided by the included
monocypherlibrary (v4.0.2) - Encryption method is XChaCha20-Poly1305 which combines ChaCha20 stream cipher (extended nonce variant) with Poly1305 message authentication.
- Encryption process follows RFC 8439 ‘Authenticated Encryption with Additional Data (AEAD)’
- Key derivation uses Argon2 password-based key derviation.
- Cryptographically secure pseudo-random number generation (CSPRNG) is provided by the operating system are used to generate any required random bytes.
Installation
You can install the latest development version from GitHub with:
# install.package('remotes')
remotes::install_github('coolbutuseless/rmonocypher')
Read/write data to an encrypted file
Encrypt any R object and save to file.
encrypt(mydata, dst = "SharedDrive/mydata.dat", key = "mykey")
Then decrypt the object using the same key.
decrypt(src = "SharedDrive/mydata.dat", key = "mykey")
For more details on how passwords are used to derive encryption keys, and for other ways of supplying and generating keys see the Vignette: Encryption Keys.
Vignettes
- Encryption Keys
- Generating encryption keys from passwords with
argon2() - Using random bytes as the encryption key
- Using hexadecimal string as the encryption key
- Generating encryption keys from passwords with
- Technical Notes
- Background on the encryptiong techniques used
- Using Additional Data
- Advanced technique which is not needed for regular use of this package.
- Details on using additional data
- Worked example.