« Previous 1 2
Encrypt and decrypt files with Age or Rage
Keep It Simple
Authenticated Data
Even though Age can be used for file encryption in a very simple way, it is particularly useful in scenarios where information is encrypted or decrypted as a data stream. By default, Age processes data from standard input and returns the results on standard output. Age's natural habitat is therefore the command line, scripts, or cronjobs.
Age not only ensures the confidentiality of the data, but also its authenticity and integrity. During decryption, the tool immediately checks the integrated Message Authentication Code (MAC). The principle known as "authenticated encryption with associated data" (AEAD) checks for possible changes to the ciphertext for each block, preventing various attacks on the encryption or the integrity of the data in the process. Unlike GnuPG, however, the files cannot be cryptographically signed, and Age does not support attribution to an author through a signature.
Conclusions
Age is a simple alternative to GnuPG that lets you encrypt and decrypt data asymmetrically, easily, and reliably. The clear design and the deliberate omission of options for configuring the encryption method help ensure secure use for everyday tasks. Thanks to support for different key types, you can also use the widespread SSH keys of your recipients.
Infos
- Age Go implementation: https://github.com/FiloSottile/age
- Rage Rust variant: https://github.com/str4d/rage
« Previous 1 2
Buy this article as PDF
(incl. VAT)