Overland-iOS icon indicating copy to clipboard operation
Overland-iOS copied to clipboard

Published 20 hours ago • verified publisher icon aaronpk

request: clientside encryption

Open sneak opened this issue 7 years ago • 3 comments

I would like to keep a personal log of my tracks but would host any data collection service on an endpoint not under my physical control. I'd love to be able to put a public key into the app, or set a suitably strong PSK (or a passphrase from which a symmetric encryption key could be derived using a strong time-and-memory-hard PBKDF), so that the updates that go to the server are encrypted in such a way that they cannot be decrypted by the server at all. Then I could fetch them all later, decrypt them locally on a trusted machine, and analyze them as I wish.

sneak avatar Jul 10 '18 22:07 sneak

This is a neat idea, but unfortunately the way this app works makes this pretty impractical. The app expects to be able to send a POST request to a URL, it isn't really built around the idea of storing data in a file. I think this would be too big of a change for me to take this on, sorry.

aaronpk avatar Jul 14 '18 23:07 aaronpk

I'm suggesting that you just POST the data up, but POST up encrypted data. Let the server deal with it as it wishes.

sneak avatar Jul 14 '18 23:07 sneak

hm, I guess that's the easy way to handle it. I'll reopen and mark as under consideration, but fair warning this isn't high on my priority list.

aaronpk avatar Jul 15 '18 00:07 aaronpk