I am trying to create an app that will encrypt all user input data before sending it to the server, where it will be stored in an SQL database. The idea is that data in the database is always encrypted and that it can only be decrypted back on the client app, so I was thinking of creating and storing a private key on the client app. The second requirement is that all apps can decrypt data written to the server db, so I presume all apps should share the same private key.
My question is:
EDIT
Just to clarify a bit more:
Let's say we have something like a cloud service, and every cloud can have many devices joined. All devices get synced with their cloud when one of them changes some resource. That cloud is represented by a profile that contains some personal data about the user who owns the devices. I would like all of the devices joined to a cloud (C1) to be able to see (read) the personal data that is associated with that cloud. What I wouldn’t like is for some db admin to be able to read that data. So I want to encrypt data on the client side, and decrypt it on the client side.
In short, the encryption is not for transport purposes, for that I use SSL; it's just an attempt to conform to the new GDPR regulation about security of personal data.
EDIT 1
After some investigating I have found something called "Client side encryption". It perfectly matches my needs: data is encrypted on the client, it is sent to the server where it is stored in the db, and it is decrypted on the client again. But I can't seem to find a way to deal with the need to hardcode the private key in my project. In order to save it to the keychain I have to load it from some place, and if I generate it then the other client won't have the same key and it won't be able to decrypt data. So can anybody help me, am I looking at this from the wrong angle?
Assuming the use of TLS, from your question, we can outline the following requirements that you have made:
All information stored on the server must be encrypted in such a way that a server breach will not leak any data.
All clients in a given "cloud" can access all data in that cloud.
Loss of a client device will leak no information from the cloud.
We can then outline an E2E scheme like so:
When a user is first created, generate a public/private key pair client-side and transmit the public key to the server. Encrypt the private key client-side with a symmetric key generated from the user's password. Any actions that require this private key thus also require the user's password, protecting from device theft.
When a user wishes to create a "cloud group", generate a symmetric key for this group and encrypt it with the user's public key. Store this key on the client device, encrypted with the user's public key.
When the user wants to add another user to their "cloud group", encrypt the group symmetric key with the new user's public key and transmit.
Communication and storage within the "cloud group" uses the group symmetric key.
Note that in this scheme:
The server cannot decrypt any of the data because the group symmetric key only ever touches the server while encrypted by a specific user's public key.
The user's password is always required to use their private key and thus theft of a device cannot expose any information to the thief.
You could mimic the way iMessage works: https://www.apple.com/business/docs/iOS_Security_Guide.pdf
At a high level: a public-private key pair is generated on the device, and the private key is stored in the keychain. The public key is registered on a server and associated with the user/device. When a message is sent, the service looks up the public key of the recipient and encrypts the message using that, so that only the recipient can decrypt it.
Apple uses the keychain, so take that as you will regarding the safety of it.