- September 7, 2023 at 4:10 pm #19744PerschistenceParticipant
Proposal for Implementing PGP Encryption in “Better Messages”
Enhance the privacy and security of “Better Messages” using multi-key end-to-end encryption via the PGP (Pretty Good Privacy) protocol.
In the era of heightened awareness about data privacy and potential data breach risks, implementing multi-key encryption at the conversation level provides added security and peace of mind to our users.
Existing Database Structure:
- id: A unique identifier for each message.
- thread_id: A reference to the message thread.
- sender_id: The ID of the sender.
- subject: The subject of the message.
- message: The content of the message.
- date_sent: Timestamp of when the message was sent.
1. PGP Key Pair for Users:
When a user logs in, derive the PGP private key based on deterministic factors like their password and other static user-specific details. If the user doesn’t have an associated public key stored in the system (e.g., first-time login after feature implementation), generate a public-private PGP key pair. Store the public key in the user profile table.
2. Message Encryption Process:
When sending a message within a conversation, retrieve the public keys of all participants in that conversation and use them for multi-key encryption of the message. If admin oversight is enabled, incorporate the admin’s public key in the encryption process.
3. Private Key in Session Storage:
<p>During the user’s active session, the derived private key resides in session storage.
4. Message Decryption Process:
To read a message within a conversation, use the session-stored private key for decryption and message display.
5. Database Changes:
Update or extend the existing user profile table to accommodate user PGP public keys. Retain the message structure, as multi-key encryption allows for a singular message version accessible by multiple participants..
- Efficient Storage: A unified encrypted message version conserves storage.
- Enhanced Security: Multi-key encryption fosters message security during transit and storage.
- User Privacy: Only the intended recipients (and potentially the admin) can decrypt messages.
- Performance: Multi-key operations may slightly influence performance due to encryption and decryption.
- Session Management: Proper session handling is crucial to ward off unauthorized access.
- Password Changes: Alterations or resets to user passwords necessitate special consideration for key derivation effects.
- You must be logged in to reply to this topic.