Comment by beingflo
5 years ago
I've been thinking of a similar system with e2e sharing of content and I'd love to pick your brain on this if you don't mind :)
- What made you go with libsodium over using the browser's Web Crypto API?
- If you stop sharing an album with someone, do you somehow re-encrypt the collection key or is the recipient still in possession of all the necessary keys to decrypt the data if they get their hands on it?
- Mature libsodium clients were available across the platforms we were targeting. The APIs seemed well documented and turned out to be a delight to consume.
- There are access control checks in place to revoke access to files from removed album participants. But from a cryptographic standpoint, once your keys have been shared (/compromised), the respective files should be re-encrypted.
Thanks for answering! Regarding the second point, does the application do this automatically or is the user expected to re-encrypt data manually?
We don't handle this case right now; we have added this to our roadmap[1].
I feel that for our use case of storing and sharing personal photos, this might be overkill. But I'll let the customers decide. There might be use cases I might not have thought of.
[1]: https://roadmap.ente.io/option-to-download-re-encrypt-and-re...
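The difference between rotating only the collection key and re-encrypting the files after a participant is removed, as an added example that is not part of the thread and is not ente's code. It assumes a hierarchy in which a collection key wraps per-file keys, uses Node's built-in AES-256-GCM in place of libsodium so it runs without dependencies, and all function names are hypothetical.

```javascript
// Added example, not ente's code. Assumed hierarchy:
// file data <- file key <- collection key <- each participant's key.
const nodeCrypto = require('node:crypto');

// AES-256-GCM stands in for a libsodium secretbox (assumption, dependency-free).
function seal(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { nonce, ct, tag: c.getAuthTag() };
}

function open(key, box) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.nonce);
  d.setAuthTag(box.tag);
  return Buffer.concat([d.update(box.ct), d.final()]); // throws on a wrong key
}

function canOpen(key, box) {
  try { open(key, box); return true; } catch { return false; }
}

function shareWith(participants, collectionKey) {
  const shares = {};
  for (const [name, key] of Object.entries(participants)) shares[name] = seal(key, collectionKey);
  return shares;
}

function createAlbum(files, participants) {
  const collectionKey = nodeCrypto.randomBytes(32);
  const sealedFiles = files.map((data) => {
    const fileKey = nodeCrypto.randomBytes(32);
    return { data: seal(fileKey, data), wrappedKey: seal(collectionKey, fileKey) };
  });
  return { files: sealedFiles, shares: shareWith(participants, collectionKey) };
}

// Remove a participant. reencryptFiles=false rotates only the collection key;
// reencryptFiles=true also gives every file a fresh key and new ciphertext.
function revoke(album, owner, participants, removed, reencryptFiles) {
  const oldCollectionKey = open(participants[owner], album.shares[owner]);
  const remaining = Object.fromEntries(Object.entries(participants).filter(([n]) => n !== removed));
  const newCollectionKey = nodeCrypto.randomBytes(32);
  const files = album.files.map((f) => {
    const oldFileKey = open(oldCollectionKey, f.wrappedKey);
    if (!reencryptFiles) return { data: f.data, wrappedKey: seal(newCollectionKey, oldFileKey) };
    const fileKey = nodeCrypto.randomBytes(32);
    return { data: seal(fileKey, open(oldFileKey, f.data)), wrappedKey: seal(newCollectionKey, fileKey) };
  });
  return { files, shares: shareWith(remaining, newCollectionKey) };
}
```

With key rotation alone, a file key the removed participant unwrapped while they had access still decrypts the stored ciphertext; only the re-encrypted variant invalidates it.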