otter-browser
otter-browser copied to clipboard
File encryption and master password support
I'm not sure how easy this is, but have you considered using SpiderOak's open-source crypton framework: https://github.com/SpiderOak/crypton
For an example of what can be done with it see encryptr: https://github.com/SpiderOak/Encryptr
My understanding is that crypton significantly reduces the security considerations when building an encrypted application... SpiderOak's philosophy is fully reliant on the concept of master password and rendering the data securely inaccessible without it.
@landroni, we already have encryption implementation based on libtomcrypt, but we need to polish it and integrate master password.
Any thoughts on approach using transparent file system encryption? That would allow to encrypt entire profile without implementing encryption for every file separately (and some stuff simply cannot be encrypted otherwise, like QtWebEngine profile). https://en.wikipedia.org/wiki/EncFS
I guess that we still need to finally adopt the work done by @Chocimier, perhaps adjusted to this file format: https://www.aescrypt.com/aes_file_format.html