Re: [R] encrypted RData file?

From: Marc Schwartz (via MN) <>
Date: Fri 28 Oct 2005 - 07:55:48 EST

On Thu, 2005-10-27 at 16:15 -0500, Na Li wrote:
> On 27 Oct 2005, Duncan Temple Lang wrote:
> > Yes, it is of interest and was sitting on my todo list at
> > some time. If you want to go ahead and provide code to do it,
> > that would be terrific. There are other areas where encryption
> > would be good to have, so a general mechanism would be nice.
> >
> > D.
> >
> > Na Li wrote:
> > > Hi, I wonder if there is interest/intention to allow for encrypted .RData
> > > files? One can certainly do that outside R manually but that will leave a
> > > decrypted RData file somewhere which one has to remember to delete.
> > >
> I was hoping someone has already done it. ;-(
> One possibility is to implement an interface package to gpgme library which
> itself is an interface to GnuPG.
> But I'm not sure how the input of passphrase can be handled without using
> clear text.
> Michael

Seems to me that a better option would be to encrypt the full partition such that (unless you write the files to a non-encrypted partition) these issues are transparent. This would include the use of save(), save.image() and write() type functions to save what was an encrypted dataset/object to a unencrypted file.

Of course, you would also have to encrypt the swap and tmp partitions (as appropriate) for similar reasons.

On Linuxen/Unixen, full encryption of partitions is available via loopback devices and other mechanisms and some distros have this available as a built-in option. I believe that the FC folks finally have this on their list of functional additions for FC5. Windows of course can do something similar.

The other consideration here, is that if R Core builds in some form of encryption, there is the potential for import/export restrictions on such technology since R is available via international CRAN mirrors. It may be best to provide for a plug-in "encryption black box" of sorts, so that folks can use a particular encryption schema that meets various legal/regulatory requirements.

Of course, simply encrypting the file or even a complete partition has to be considered within a larger security strategy (ie. network security, physical access control, etc.) that meets a particular functional requirement (such as HIPAA here in the U.S.)

HTH, Marc Schwartz mailing list PLEASE do read the posting guide! Received on Fri Oct 28 08:16:59 2005

This archive was generated by hypermail 2.1.8 : Fri 03 Mar 2006 - 03:40:51 EST