ddrive
ddrive copied to clipboard
forscht
[SUGGESTION] Add encryption
Currently Discord is able to see all data that gets stored onto someones DDrive because they are split into chunks but still saved unencrypted. It would be awesome to have encryption in place so Discord (even after reassembling the chunks into a full file) isn't able to view the contents until they also know the secret key. The key can be derived as by many products from a password given by the user on startup as parameter like --encrypt "ThisPasswordWillMakeMyDataOnDiscordSave". Encryption should be optionally added as additional feature (to not introduce breaking changes) so when the flag isn't supplied the program still just doesn't use it.
Encryption can be done very securely via AES256 encryption.
The key derivation can be made very securely by utilizing a good key derivation function like argon2.
It should use an IV for each part instead of for each file to add some additional security (as it's already split anyway).
@UnlimitedBytes Can you share sample example for encrypting file using AES256?
@UnlimitedBytes Can you share sample example for encrypting file using AES256?
Sure, here is a very basic example how to encrypt files using Node.JS: https://github.com/UnlimitedBytes/basic-node-encryption-example
Please keep in mind it's an example and SHOULD NOT be used in production as is!
I added some comments for further reads on the security topics
@forscht
@UnlimitedBytes Thanks for example code. I am working on another project based on discord storage in which I have implemented the encryption. Can you look into code and create PR if there is anything to improve? https://piped.cc https://github.com/forscht/Piped/blob/main/src/DFs.js
@UnlimitedBytes Thanks for example code. I am working on another project based on discord storage in which I have implemented the encryption. Can you look into code and create PR if there is anything to improve? https://piped.cc https://github.com/forscht/Piped/blob/main/src/DFs.js @forscht
Looks pretty good nothing to improve from my side of view. Please keep in mind tho that I'm not an expert in cryptography only what I learned over the time. But from my understanding there should be absolutely no issue with it.
Edit: Only thing maybe useful to know is you could use GCM (Galois/Counter Mode) instead of CTR (Counter) mode. The main difference is you could flip bits in the cypher text by CTR while GCM protects against this with a message signature. A very good explanation of the different modes and what they do on a higher level can be found here: https://www.youtube.com/watch?v=Rk0NIQfEXBA
I have already tried blocking mode first but it will increase the size of file little bit by adding padding to it. It will cause issue while providing partial content with range headers.
Btw. not really important for this issue but a nice side fact. We accidentally developed the same idea twice. :D
My project I was talking about in the other issue where I implemented all the stuff (webhooks / encryption / etc.) is exactly the same as your second project. It's a simple file uploading where a user can just upload a file it get's stored onto discord and can be streamed/downloaded from there via the webserver as proxy. So exactly what you build with piped too :)