GuestNo new alerts


- Planned Features1730
I'm not sure when I'll get around to this one, but there are two variants which I'd like to cover:

Standard conversations which make use of post level encryption with an encryption key held by the app. I'm not sure how well this'll work with backups, but it would be nice, if we could add that extra level of security.

The other uses end to end encryption to communicate without an admin potentially snooping in.

This is pretty hard to prevent considering that an adversarial admin can deploy whatever JavaScript they want, however this might? be possible with vetted open source apps.

I'm not sure on what the specifics might be there exactly, but a public encryption key would be held for both sides on the server, while the private key pairs would be held only by the two conversants.

To facilitate one side reporting a message, a checksum could be stored on the server for each message sent back and forth. This checksum could be encrypted by a separate sent at the top of every message.

When a user reports a message, the message itself and the release key could be sent to the intermediary server and the intermediary server will be able to decrypt the checksum and confirm that it is in-fact the message that was sent from that other user and not a fabrication.

It is entirely possible that an admin may just disable this and just reject messages which they can't read, but at the very least, it'll ensure the integrity of ones which do make it through (assuming they don't switch the publically shown public keys for fakes to fool you into trusting the wrong one).

I'm still brainstorming over this stuff, however and there might be better approaches for this.
Basic conversations are in, although they don't feature any sort of encryption, I've been pondering over the best way to implement end-to-end encryption (perhaps with an app or even an open standard), although that has fallen on the wayside for now.

I haven't forgotten about however and I still have some in-depth discussions on how to best do this exactly. I will also look into the server-side encryption, although end-to-end encryption does seem like it would be the more secure option all-round, so I haven't given that as much attention as I probably should.