Will

Reputation: 75625

encrypt files at rest, properly

I have just watched a crypto 101 talk which said if you are typing the letters "AES" into your code, you're doing it wrong! The solution was to "just use GPG".

If you are storing your data on the cloud, all readers and writers need to know the key. If the key is a public/private key, that's just a slow key but not a more secure key than just having a good password?

What standard alternatives are there to GPG that properly encrypt data at rest but use a shared secret instead of public keys?

I use Java, and would like to use a library, but want interchange with other platforms.

Upvotes: 1

Views: 221

Answers (1)

The solution is wrong in terms - you don't use "GPG" but OpenPGP.

Indeed, for encryption using shared secrets (passphrases and the like) OpenPGP is optimal, as it supports multiple methods at the same time and includes compression.

The alternative would be to use CMS encryption with keypairs derived (in some predetermined way) from the shared secret. However, such a scheme is not standard.

I can remember also XML encryption that supports encryption with symmetric keys, but it has certain security flaws.

So OpenPGP is probably the best way to go.

Regarding compatibility - an OpenPGP-compliant library should create packets that can be later processed by any other OpenPGP-compliant library or application. Unfortunately, the OpenPGP implementation in the popular BouncyCastle library sometimes produces non-compliant packets - we came across its issues several times, when packets created with BouncyCastle could not be processed by GnuPG or our SecureBlackbox due to issues in the packet created.

Upvotes: 1
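An added example, not part of the answer above and not code from any library it names: a minimal Python check of the OpenPGP packet framing (RFC 4880) of a passphrase-encrypted file, which helps locate where one library's output deviates before another implementation rejects it. The function names and the sample bytes are constructed for illustration, and the input is assumed to be binary rather than ASCII-armored.

```python
def _new_len(data, pos):
    """Decode a new-format length: (length, next_pos, is_partial_chunk)."""
    o = data[pos]
    if o < 192:
        return o, pos + 1, False
    if o < 224:
        return ((o - 192) << 8) + data[pos + 1] + 192, pos + 2, False
    if o == 255:
        return int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5, False
    return 1 << (o & 0x1F), pos + 1, True    # partial body length chunk

def read_packets(data):
    """Yield (tag, body) for each packet in binary OpenPGP data."""
    pos = 0
    while pos < len(data):
        hdr, pos, body = data[pos], pos + 1, b""
        if not hdr & 0x80:
            raise ValueError("bit 7 of a packet header must be set")
        if hdr & 0x40:                       # new-format header
            tag, partial = hdr & 0x3F, True
            while partial:
                n, pos, partial = _new_len(data, pos)
                body, pos = body + data[pos:pos + n], pos + n
        else:                                # old-format header
            tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if size == 8:                    # length type 3: runs to end of data
                n = len(data) - pos
            else:
                n, pos = int.from_bytes(data[pos:pos + size], "big"), pos + size
            body, pos = data[pos:pos + n], pos + n
        if pos > len(data):
            raise ValueError("packet body is truncated")
        yield tag, body

def check_passphrase_message(data):
    """Expect session-key packets (tags 1/3, at least one 3), then tag 9 or 18."""
    packets = list(read_packets(data))
    tags = [tag for tag, _ in packets]
    if 3 not in tags[:-1] or set(tags[:-1]) - {1, 3} or tags[-1] not in (9, 18):
        raise ValueError("unexpected packet sequence: %r" % tags)
    body = next(b for t, b in packets if t == 3)
    if len(body) < 4 or body[0] != 4:
        raise ValueError("only version 4 SKESK packets are handled here")
    info = {"cipher_id": body[1], "s2k_type": body[2], "integrity_protected": tags[-1] == 18}
    if body[2] == 3 and len(body) >= 13:     # iterated+salted S2K: decode the count
        info["s2k_iterations"] = (16 + (body[12] & 15)) << ((body[12] >> 4) + 6)
    return info
# Constructed sample: old-format SKESK (AES256, iterated+salted SHA-256) + tag 18 packet.
SAMPLE = bytes([0x8C, 13, 4, 9, 3, 8]) + b"saltsalt" + b"\xff\xd2\x05\x01" + bytes(4)
```

Running `check_passphrase_message` over the same plaintext encrypted by two implementations and comparing the tag sequence and S2K fields shows whether a rejection comes from the framing or from something deeper in the packet bodies.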
