Make the Chats end-to-end Encrypted
How to approach
- When creating the account, the user generates a public and private key pair and saves them in local storage.
- The user then sends the public key to the server alongside his credentials. THE PRIVATE KEY IS NOT SHARED WITH ANYONE.
- The server receives the user's credentials and his public key, generates a certificate out of the public key, and saves the user in the server.
- Each time user_A wants to chat with user_B, the server sends user_B's certificate to user_A and vice versa. Each user saves the other's certificate in their local storage to be able to encrypt messages and send them.
- The ENCRYPTED messages are saved in MongoDB.
Ref:
- https://github.com/muke1908/chat-e2ee
- https://github.com/VertikaJain/react-chat-app
- https://github.com/signalapp/libsignal-protocol-javascript
- https://docs.lens.xyz/docs/encrypted-dms [ Web3 Approach ]
Pre-reqs [ Encryption Algorithms ]:
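The five steps listed under "How to approach", as an added example that is not part of the original post or of any project linked above. It runs on Node.js and uses the built-in `crypto` module. Assumptions: the function names are hypothetical, the "certificate" is a simplified server-signed record rather than X.509, messages use RSA-OAEP wrapping an AES-256-GCM key, and clients have the server's Ed25519 public key pinned.

```javascript
// Added example: constructed names and data throughout; not code from the issue or the app.
const crypto = require('node:crypto');

// Server signing key. Assumption: clients ship with serverKey.publicKey pinned.
const serverKey = crypto.generateKeyPairSync('ed25519');

// Steps 1-2: the key pair is generated on the device; only the public half is exported.
function createAccount() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { privateKey, publicPem: publicKey.export({ type: 'spki', format: 'pem' }) };
}

// Step 3: the "certificate" here is just name + public key + server signature.
function issueCertificate(name, publicPem) {
  const body = JSON.stringify({ name, publicPem });
  return { body, sig: crypto.sign(null, Buffer.from(body), serverKey.privateKey) };
}

// Step 4: the peer checks the signature before trusting the key inside.
function verifyCertificate(cert, expectedName) {
  if (!crypto.verify(null, Buffer.from(cert.body), serverKey.publicKey, cert.sig)) {
    throw new Error('certificate signature invalid');
  }
  const { name, publicPem } = JSON.parse(cert.body);
  if (name !== expectedName) throw new Error('certificate issued to another user');
  return publicPem;
}

// Hybrid encryption: AES-256-GCM for the message, RSA-OAEP wraps the AES key.
function encryptFor(publicPem, plaintext) {
  const key = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicPem, oaepHash: 'sha256' }, key);
  // Step 5: this record is all the server stores; it holds no plaintext.
  return { wrappedKey, iv, ct, tag: cipher.getAuthTag() };
}

// Only the holder of the matching private key can unwrap the AES key.
function decryptWith(privateKey, msg) {
  const key = crypto.privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ct), decipher.final()]).toString('utf8');
}
```

In this flow a peer's key is only as trustworthy as the server that certified it, which is why the signature check against a pinned server key comes before any encryption.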
@Maxaseel Thanks for your feedback.
People have been asking for some implementation of asymmetric encryption for a while now (https://github.com/nfdz/Cryptool/issues/7).
The main problem I see is how to introduce this feature in a user-friendly way, not hiding the cryptographic work from the user. Why do we want another app that does cryptographic asymmetric encryption in a magical and transparent way for the user? I think there are already several open source chat apps that do this, right?
The idea of not hiding the cryptographic part of the app is so that a non-specialized user can understand what is going on all the time. I think that is the differentiating part of this app. Maybe I am wrong.
I think it has to be possible to implement this feature in a way that the user can see the cryptographic process in the background, we just haven't reached a good sketch and plan yet. You are welcome to share/contribute more about this topic.