-
Notifications
You must be signed in to change notification settings - Fork 10.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add documentation on user and group end to end encryption #16153
Comments
More documentation is needed indeed. These are my own speculations on the subject:
I suppose the need to save the private keys into the server database stems from the usability standpoint; It is used to distribute the keys between all client devices of the user. The private key is encrypted in the database and is opened with the password in the client end browser using the password provided by the user. The password gets saved only into the cache of the browser and is not transferred to the server. In group chats all messages are encrypted by all members' public keys separately. If one is removed from the group, they cannot see any new messages in clear text as his/her key has not been used in encrypting it anymore. In case that the server database gets compromised, and regardless whether a chat is direct or group one (does not matter; two persons is practically a group already), effective encryption is as strong as is the weakest password in the whole chain of trust. |
I had a similar issue bus it was closed. I think your issue and mine should be merged: |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Hi,
I've read the docs and the following issues: #9999, #36, #15095 and the description of the PR: #10094 and found no documentation on how e2e encryption is handled either in groups or single chats.
I think this information should be easily reachable for anyone trying to decide to use the application.
The text was updated successfully, but these errors were encountered: