Data Integrity

Every encrypted file carries a cryptographic proof of its authenticity. Any modification — even a single bit — is detected and rejected.


What Is Data Integrity?

Data integrity means that a file you download is exactly the same as the file that was uploaded — not modified in transit, not corrupted in storage, not tampered with by any party.

Lenzeye guarantees this for every encrypted file using HMAC-SHA256 (Hash-based Message Authentication Code).


How HMAC Works in Lenzeye

flowchart TD
    A[Encrypt each chunk] --> B[Accumulate HMAC over encrypted bytes]
    B --> C[Store 32-byte HMAC in S3 metadata]
    C --> D[On download: read HMAC from metadata]
    D --> E{HMAC matches?}
    E -- Yes --> F[Decrypt and deliver file]
    E -- No --> G[Reject download InvalidSignature]

During Upload

  1. Each encrypted chunk is fed into a running HMAC-SHA256 computation
  2. The HMAC is seeded with the file's IV (initialization vector) — so even the IV is covered by the integrity check
  3. After all parts are uploaded, the final 32-byte HMAC is stored in Wasabi S3 object metadata

During Download

  1. The HMAC is read from S3 metadata before streaming begins
  2. As ciphertext is streamed from S3, a new HMAC is computed in real time
  3. After the full stream, the computed HMAC is compared to the stored value
  4. If they match — the file is authentic. Decryption proceeds.
  5. If they don’t match — InvalidSignature is raised. The download is aborted. Not a single plaintext byte is returned.

What HMAC Detects

| Scenario | Detected? |
|---|---|
| Single bit flipped in storage | ✅ Yes |
| Entire chunk replaced | ✅ Yes |
| File truncated | ✅ Yes |
| Extra bytes appended | ✅ Yes |
| IV tampered | ✅ Yes (IV is included in HMAC) |
| Different file substituted | ✅ Yes |
| Accidental storage corruption | ✅ Yes |
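
The upload and download steps above, run against several of the tampering scenarios in the table, as an added Python sketch (not Lenzeye's own code). It assumes a dedicated MAC key, reads "seeded with the IV" as feeding the IV into the HMAC before any ciphertext, defines a local `InvalidSignature` stand-in, and uses constructed bytes in place of real encrypted chunks.

```python
import hashlib
import hmac

class InvalidSignature(Exception):
    """Local stand-in for the InvalidSignature error named on this page."""

def upload_tag(mac_key: bytes, iv: bytes, encrypted_chunks) -> bytes:
    """Running HMAC-SHA256 over the IV, then each encrypted chunk in order."""
    mac = hmac.new(mac_key, digestmod=hashlib.sha256)
    mac.update(iv)  # assumption: the IV is the first input to the HMAC
    for chunk in encrypted_chunks:
        mac.update(chunk)
    return mac.digest()  # 32 bytes, stored with the object

def verify_download(mac_key: bytes, iv: bytes, stored_tag: bytes, streamed_chunks) -> bytes:
    """Recompute the tag while streaming; hand ciphertext on only if it matches."""
    mac = hmac.new(mac_key, digestmod=hashlib.sha256)
    mac.update(iv)
    held = []
    for chunk in streamed_chunks:
        mac.update(chunk)
        held.append(chunk)  # held back: nothing is decrypted before the check
    # compare_digest is constant-time, so the comparison leaks no timing signal
    if not hmac.compare_digest(mac.digest(), stored_tag):
        raise InvalidSignature("HMAC mismatch: download rejected")
    return b"".join(held)

def rejected(mac_key, iv, tag, chunks) -> bool:
    try:
        verify_download(mac_key, iv, tag, chunks)
        return False
    except InvalidSignature:
        return True

# Constructed sample values (hypothetical key, IV and ciphertext chunks)
KEY = bytes(range(32))
IV = bytes(16)
CHUNKS = [b"\x11" * 64, b"\x22" * 64, b"\x33" * 10]
TAG = upload_tag(KEY, IV, CHUNKS)

def run_scenarios() -> dict:
    flipped = [CHUNKS[0], bytes([CHUNKS[1][0] ^ 0x01]) + CHUNKS[1][1:], CHUNKS[2]]
    return {
        "untouched": rejected(KEY, IV, TAG, CHUNKS),
        "bit flipped": rejected(KEY, IV, TAG, flipped),
        "truncated": rejected(KEY, IV, TAG, CHUNKS[:-1]),
        "bytes appended": rejected(KEY, IV, TAG, CHUNKS + [b"\x00"]),
        "IV tampered": rejected(KEY, b"\x01" + IV[1:], TAG, CHUNKS),
    }
```

`run_scenarios()` reports whether each case was rejected; only the untouched stream passes verification.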

Encrypt-then-MAC

Lenzeye uses the Encrypt-then-MAC construction (not MAC-then-Encrypt):

  • HMAC is computed over the ciphertext, not the plaintext
  • This is the cryptographically correct order — it prevents padding oracle attacks and ensures the integrity check covers exactly what is stored
  • Industry standard: used in TLS 1.3, Signal protocol, and most modern cryptographic libraries

Plain (Unencrypted) Files

For files uploaded without encryption (plain path via presigned URLs):

  • No HMAC is applied — Lenzeye relies on Wasabi S3’s internal storage integrity (S3 uses MD5/ETag for part validation)
  • For full integrity guarantees, enable encryption on your account