##########################################################################################

       LOC-4: Payload encryption

##########################################################################################


Issue Type: New Feature 
-----------------------------------------------------------------------------------------

Issue Information
====================

Priority: Major					Status:      Closed
Resolution:  Done (2018-05-13 12:57:43)
Project: LocalChat (LOC)


Reported By: btasker					
Assigned To: btasker

Components: 
	- Client 
	- Encryption 


Targeted for fix in version: 
	- V0.0.2


Time Estimate: 0 minutes
Time Logged:   0 minutes


-----------------------------------------------------------------------------------------

Issue Description
==================

Clients need to use E2E encryption so that the server component does not see the text of
their messages (only the metadata).

A simplistic implementation is fine as it reduces the likelihood of making fatal
mistakes.

My original intention has always been that the encryption key will be derived from the
room password, so let's start with that as an approach.

-----------------------------------------------------------------------------------------

Activity
==========

	
-----------------------------------------------------------------------------------------
2018-05-12 15:44:13              git
-----------------------------------------------------------------------------------------


-- BEGIN QUOTE --

Repo: LocalChat
Host:Rimmer

commit e0764bdf12eb002b76b59725aec79a53d2d4ac66
Author: B Tasker <github@<Domain Hidden>>
Date:   Sat May 12 15:41:53 2018 +0100

Commit Message: Implement msg payload encryption in the client - LOC-4
    
    Message payloads are now PGP encrypted using the room password as the encryption
passphrase.
    
    It'd be nice to be able to use something like OTR, but it adds a lot of overhead in a
Multi-User-Chat environment (as you'd need to address a copy to each user, encrypted with
their own key, or trust the server to see the messages).

 client/LocalChatClient.py |   28 +++++++++++++++++++++++-----
 1 files changed, 23 insertions(+), 5 deletions(-)

-- END QUOTE --

https://repos.bentasker.co.uk/projects/LocalChat.git/commits/e0764bdf12eb002b76b59725aec79a53d2d4ac66
|
https://repos.bentasker.co.uk/projects/LocalChat.git/commitdiff/e0764bdf12eb002b76b59725aec79a53d2d4ac66

	
-----------------------------------------------------------------------------------------
2018-05-12 16:13:28              btasker
-----------------------------------------------------------------------------------------

Commit 815cf386 also switched us to using ad-hoc SSL when communicating with the back-end,
so there's some in-flight protection for the metadata too.

I'm going to leave this issue open for now though, as the authentication mechanism design
in LOC-2 may well impact on this.
	
-----------------------------------------------------------------------------------------
2018-05-13 12:57:38              btasker
-----------------------------------------------------------------------------------------

The auth mechanism has now been designed and implemented under LOC-2 and other than making
a few tweaks to how the client accepts the room password there's been no real impact on
this. Closing issue as complete.
	
-----------------------------------------------------------------------------------------
2018-05-13 12:57:43              
-----------------------------------------------------------------------------------------

btasker changed status from 'Open' to 'Resolved'
	
-----------------------------------------------------------------------------------------
2018-05-13 12:57:43              
-----------------------------------------------------------------------------------------

btasker added 'Done' to resolution
	
-----------------------------------------------------------------------------------------
2018-05-13 12:57:46              
-----------------------------------------------------------------------------------------

btasker changed status from 'Resolved' to 'Closed'