Proposal for Implementing PGP Encryption in “Better Messages”

[Perschistence]

Proposal for Implementing PGP Encryption in “Better Messages”

Objective
Enhance the privacy and security of “Better Messages” using multi-key end-to-end encryption via the PGP (Pretty Good Privacy) protocol.

Background:
In the era of heightened awareness about data privacy and potential data breach risks, implementing multi-key encryption at the conversation level provides added security and peace of mind to our users.

Existing Database Structure:

• id: A unique identifier for each message.
• thread_id: A reference to the message thread.
• sender_id: The ID of the sender.
• subject: The subject of the message.
• message: The content of the message.
• date_sent: Timestamp of when the message was sent.

Proposed Architecture:

1. PGP Key Pair for Users:
When a user logs in, derive the PGP private key based on deterministic factors like their password and other static user-specific details. If the user doesn’t have an associated public key stored in the system (e.g., first-time login after feature implementation), generate a public-private PGP key pair. Store the public key in the user profile table.

2. Message Encryption Process:
When sending a message within a conversation, retrieve the public keys of all participants in that conversation and use them for multi-key encryption of the message. If admin oversight is enabled, incorporate the admin’s public key in the encryption process.

3. Private Key in Session Storage:
<p>During the user’s active session, the derived private key resides in session storage.

4. Message Decryption Process:
To read a message within a conversation, use the session-stored private key for decryption and message display.

5. Database Changes:
Update or extend the existing user profile table to accommodate user PGP public keys. Retain the message structure, as multi-key encryption allows for a singular message version accessible by multiple participants..

Advantages:

• Efficient Storage: A unified encrypted message version conserves storage.
• Enhanced Security: Multi-key encryption fosters message security during transit and storage.
• User Privacy: Only the intended recipients (and potentially the admin) can decrypt messages.

Considerations:

• Performance: Multi-key operations may slightly influence performance due to encryption and decryption.
• Session Management: Proper session handling is crucial to ward off unauthorized access.
• Password Changes: Alterations or resets to user passwords necessitate special consideration for key derivation effects.

• This topic was modified 1 year, 8 months ago by Perschistence.
• This topic was modified 1 year, 8 months ago by Perschistence.
• This topic was modified 1 year, 8 months ago by Perschistence.
• This topic was modified 1 year, 8 months ago by Perschistence.

[TestyTester]

This is a great proposal, but maybe first allow each installation to use its own unique, admin chosen, 2048 or 4096 bit encryption cypher, so that Governments cannot easily surveil messages from the central servers of BetterMessages

[Author]

Posts