LOC-4: Payload encryption



Issue Information

Issue Type: New Feature
 
Priority: Major
Status: Closed

Reported By: Ben Tasker
Assigned To: Ben Tasker
Project: LocalChat (LOC)
Resolution: Done (2018-05-13 12:57:43)
Target version: V0.0.2
Components: Client, Encryption

Created: 2018-05-12 15:30:25


Description
Clients need to use E2E encryption so that the server component does not see the text of their messages (only the metadata).

A simplistic implementation is fine as it reduces the likelihood of making fatal mistakes.

My original intention has always been that the encryption key will be derived from the room password, so let's start with that as an approach.



Activity


Repo: LocalChat
Host: Rimmer

commit e0764bdf12eb002b76b59725aec79a53d2d4ac66
Author: B Tasker <github@<Domain Hidden>>
Date: Sat May 12 15:41:53 2018 +0100

Commit Message: Implement msg payload encryption in the client - LOC-4

Message payloads are now PGP encrypted using the room password as the encryption passphrase.

It'd be nice to be able to use something like OTR, but it adds a lot of overhead in a Multi-User-Chat environment (as you'd need to address a copy to each user, encrypted with their own key, or trust the server to see the messages).

client/LocalChatClient.py | 28 +++++++++++++++++++++++-----
1 files changed, 23 insertions(+), 5 deletions(-)


Commit 815cf386 also switched us to using ad-hoc SSL when communicating with the back-end, so there's some in-flight protection for the metadata too.

I'm going to leave this issue open for now though, as the authentication mechanism design in LOC-2 may well impact on this.

The auth mechanism has now been designed and implemented under LOC-2 and other than making a few tweaks to how the client accepts the room password there's been no real impact on this. Closing issue as complete.

btasker changed status from 'Open' to 'Resolved'
btasker added 'Done' to resolution
btasker changed status from 'Resolved' to 'Closed'