end_to_end_encryption

Add option to NOT store key on server

Open maxhq opened this issue 8 years ago • 8 comments

The current design includes storing the private key encrypted on the server. Some users with very strong security requirements might prefer to e.g. have a hardware token as the only copy of a key. If the design would allow an option to not store the client key on the server, hardware token support could be integrated later on.

maxhq avatar Oct 19 '17 10:10 maxhq

Indeed we want to make this optional. So the user would have to enter a key file on setup of an already initialized account. On initial setup then also the "publish private key" can be optional.

As this is possible without changing the metadata file, I think this can be added without problems later.

We did it first this way as it is risky if you lose your private key and for most users the encrypted and uploaded private key is enough.

@LukasReschke please correct me if I am wrong on any point.

tobiasKaminsky avatar Oct 20 '17 05:10 tobiasKaminsky

I agree with @tobiasKaminsky. This is on the road map but will probably be a v2.0 feature.

schiessle avatar Oct 25 '17 15:10 schiessle

Pardon the silly question, but why is the server app currently needed when the work is being done on the client device?

sunjam avatar Oct 17 '20 15:10 sunjam

Server app is

  • handling encrypted private/public keys, otherwise user would have to transfer them from one device to another manually
  • stores/updates encrypted metadata per folder

It is acting like a "stupid" file server, and does not have any real logic.

tobiasKaminsky avatar Oct 19 '20 05:10 tobiasKaminsky

Is there work being done to allow use of keys on a client-side hardware token (e.g. Yubikey)?

jonathancross avatar Nov 06 '20 16:11 jonathancross

Hardware token sounds like a good new issue to post if nothing comes up in search.

On Fri, Nov 6, 2020, 8:08 AM Jonathan Cross wrote:

Is there work being done to allow use of keys on a client-side hardware token (e.g. Yubikey)?

sunjam avatar Nov 06 '20 16:11 sunjam

handling encrypted private/public keys, otherwise user would have to transfer them from one device to another manually

This is exactly what I would find preferable related to this issue: Only allow users to transfer & recover keys between devices manually (if they prefer it that way). Thank you all for working on this project! :+1:

sunjam avatar Jun 15 '21 01:06 sunjam