[R] encrypted RData file?

Marc Schwartz (via MN) mschwartz at mn.rr.com
Thu Oct 27 23:55:48 CEST 2005 

On Thu, 2005-10-27 at 16:15 -0500, Na Li wrote:
> On 27 Oct 2005, Duncan Temple Lang wrote:
> 
> > Yes, it is of interest and was sitting on my todo list at
> > some time.  If you want to go ahead and provide code to do it,
> > that would be terrific.  There are other areas where encryption
> > would be good to have, so a general mechanism would be nice.
> > 
> > D.
> > 
> > Na Li wrote:
> > > Hi, I wonder if there is interest/intention to allow for encrypted .RData
> > > files?  One can certainly do that outside R manually but that will leave a
> > > decrypted RData file somewhere which one has to remember to delete.
> > > 
> 
> I was hoping someone has already done it.  ;-(
> 
> One possibility is to implement an interface package to gpgme library which
> itself is an interface to GnuPG.  
> 
> But I'm not sure how the input of passphrase can be handled without using
> clear text.
> 
> Michael

Seems to me that a better option would be to encrypt the full partition
such that (unless you write the files to a non-encrypted partition)
these issues are transparent. This would include the use of save(),
save.image() and write() type functions to save what was an encrypted
dataset/object to a unencrypted file.

Of course, you would also have to encrypt the swap and tmp partitions
(as appropriate) for similar reasons.

On Linuxen/Unixen, full encryption of partitions is available via
loopback devices and other mechanisms and some distros have this
available as a built-in option. I believe that the FC folks finally have
this on their list of functional additions for FC5. Windows of course
can do something similar.

The other consideration here, is that if R Core builds in some form of
encryption, there is the potential for import/export restrictions on
such technology since R is available via international CRAN mirrors. It
may be best to provide for a plug-in "encryption black box" of sorts, so
that folks can use a particular encryption schema that meets various
legal/regulatory requirements.

Of course, simply encrypting the file or even a complete partition has
to be considered within a larger security strategy (ie. network
security, physical access control, etc.) that meets a particular
functional requirement (such as HIPAA here in the U.S.)

HTH,

Marc Schwartz

More information about the R-help mailing list