Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

End-to-end encryption #12

Open
darkdragon-001 opened this issue Jun 17, 2020 · 0 comments · May be fixed by #16
Open

End-to-end encryption #12

darkdragon-001 opened this issue Jun 17, 2020 · 0 comments · May be fixed by #16

Comments

@darkdragon-001
Copy link

darkdragon-001 commented Jun 17, 2020
edited
Loading

Append client-generated password used to encrypt the note and traffic as fragment #something.

I can provide you some sample code, once my question on StackExchange is answered.

It would also be possible to use a human-readable password which the users has to enter in a textbox such that it is not shown on screenshots. Key derivation should be used in this case.
darkdragon-001 added a commit to darkdragon-001/Pad that referenced this issue Jun 22, 2020
@darkdragon-001
Add optional encryption
5c8546a 
Cryptography
- Use AES-GCM-256 for encryption
- Use PBKDF2 with SHA-256 and 100000 iterations for key derivation

Behavior
- A human-readable password will be automatically be generated when not set
- The password will be appended to the URI as fragment #password
- The IV (12 bytes) is prepended to the ciphertext
- Everything is base64 encoded (33% overhead)
- Update is disabled when encryption fails to avoid overwriting

Fixes petercunha#12
@darkdragon-001 darkdragon-001 linked a pull request Jun 22, 2020 that will close this issue
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add optional encryption darkdragon-001/Pad
1 participant
@darkdragon-001