Data Integrity
Every encrypted file carries a cryptographic proof of its authenticity. Any modification — even a single bit — is detected and rejected.
What Is Data Integrity?
Data integrity means that a file you download is exactly the same as the file that was uploaded — not modified in transit, not corrupted in storage, not tampered with by any party.
Lenzeye guarantees this for every encrypted file using HMAC-SHA256 (Hash-based Message Authentication Code).
How HMAC Works in Lenzeye
flowchart TD
    A[Encrypt each chunk] --> B[Accumulate HMAC over encrypted bytes]
    B --> C[Store 32-byte HMAC in S3 metadata]
    C --> D[On download: read HMAC from metadata]
    D --> E{HMAC matches?}
    E -- Yes --> F[Decrypt and deliver file]
    E -- No --> G[Reject download: InvalidSignature]
During Upload
- Each encrypted chunk is fed into a running HMAC-SHA256 computation
- The HMAC is seeded with the file's IV (initialization vector) — so even the IV is covered by the integrity check
- After all parts are uploaded, the final 32-byte HMAC is stored in Wasabi S3 object metadata
During Download
- The HMAC is read from S3 metadata before streaming begins
- As ciphertext is streamed from S3, a new HMAC is computed in real time
- After the full stream, the computed HMAC is compared to the stored value
- If they match — the file is authentic. Decryption proceeds.
- If they don’t match — InvalidSignature is raised. The download is aborted. Not a single plaintext byte is returned.
What HMAC Detects
| Scenario | Detected? |
|---|---|
| Single bit flipped in storage | ✅ Yes |
| Entire chunk replaced | ✅ Yes |
| File truncated | ✅ Yes |
| Extra bytes appended | ✅ Yes |
| IV tampered | ✅ Yes (IV is included in HMAC) |
| Different file substituted | ✅ Yes |
| Accidental storage corruption | ✅ Yes |
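The upload and download steps above, and several rows of this table, as an added Python example (not Lenzeye's own code). It assumes a dedicated 32-byte MAC key and a 16-byte IV, uses random bytes as constructed stand-ins for encrypted chunks, defines a local `InvalidSignature` class, and buffers the stream in memory so nothing is released before the check.

```python
import hashlib
import hmac
import os


class InvalidSignature(Exception):
    """Local stand-in for the error the page names (assumption, not Lenzeye's class)."""


def compute_tag(mac_key: bytes, iv: bytes, chunks) -> bytes:
    """Upload side: running HMAC-SHA256 over the IV, then every ciphertext chunk."""
    mac = hmac.new(mac_key, iv, hashlib.sha256)  # IV goes in first, so it is covered
    for chunk in chunks:
        mac.update(chunk)
    return mac.digest()  # 32 bytes, stored alongside the object


def verify_stream(mac_key: bytes, iv: bytes, chunks, stored_tag: bytes) -> bytes:
    """Download side: recompute while streaming; hand back ciphertext only on a match."""
    mac = hmac.new(mac_key, iv, hashlib.sha256)
    buffered = []
    for chunk in chunks:
        mac.update(chunk)
        buffered.append(chunk)  # held back (assumption); nothing is decrypted yet
    if not hmac.compare_digest(mac.digest(), stored_tag):  # constant-time compare
        raise InvalidSignature("HMAC mismatch, download aborted")
    return b"".join(buffered)  # verified ciphertext, safe to decrypt


def is_rejected(mac_key: bytes, iv: bytes, chunks, stored_tag: bytes) -> bool:
    try:
        verify_stream(mac_key, iv, chunks, stored_tag)
        return False
    except InvalidSignature:
        return True


# Constructed sample data: random bytes stand in for encrypted chunks.
KEY, IV = os.urandom(32), os.urandom(16)
CHUNKS = [os.urandom(64) for _ in range(3)]
TAG = compute_tag(KEY, IV, CHUNKS)
flipped = [bytes([CHUNKS[0][0] ^ 0x01]) + CHUNKS[0][1:]] + CHUNKS[1:]
tampered_iv = bytes([IV[0] ^ 0x80]) + IV[1:]

if __name__ == "__main__":
    cases = [("intact", IV, CHUNKS), ("bit flipped", IV, flipped),
             ("truncated", IV, CHUNKS[:-1]), ("appended", IV, CHUNKS + [b"x"]),
             ("IV tampered", tampered_iv, CHUNKS)]
    for name, iv, chunks in cases:
        print(f"{name}: rejected={is_rejected(KEY, iv, chunks, TAG)}")
```

Because the tag depends only on the concatenated bytes, re-chunking the same ciphertext on download still verifies, while any change to the IV or the byte stream does not.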
Encrypt-then-MAC
Lenzeye uses the Encrypt-then-MAC construction (not MAC-then-Encrypt):
- HMAC is computed over the ciphertext, not the plaintext
- This is the cryptographically correct order — it prevents padding oracle attacks and ensures the integrity check covers exactly what is stored
- Industry standard: used in TLS 1.3, Signal protocol, and most modern cryptographic libraries
Plain (Unencrypted) Files
For files uploaded without encryption (plain path via presigned URLs):
- No HMAC is applied — Lenzeye relies on Wasabi S3’s internal storage integrity (S3 uses MD5/ETag for part validation)
- For full integrity guarantees, enable encryption on your account