Comment by I_am_tiberius
9 hours ago
Cool. May I ask how you implement the collaborative e2e? Do you encrypt the content multiple times - once for every user?
9 hours ago
Cool. May I ask how you implement the collaborative e2e? Do you encrypt the content multiple times - once for every user?
The workspace data is encrypted with a (symmetric) workspace key. Each user gets hteir own encrypted copy of that key, using the user's public key. By wrapping the data-encryption key for each user the content is only encrypted once but each authorized user can decrypt it.
Ah ok. I guess that means when a user leaves the team, you have to re-encrypt the codebase with a new symetric key (as the user would still know the old symetric key)?
Depending on the threat model you want to protect against, yes. For example, although a revoked user doesn't have direct access to data anymore, they could technically collude with us to get future encrypted messages and then decrypt them. At the moment rekeying is only possible by exporting a workspace, changing its key (with a command line tool), and then reimporting it.
1 reply →