Make E2EE compatible with file server cache

Bartalog / cool-maze

A quick mobile-to-desktop share capability, through matrix barcode

Apache License 2.0

2 stars 6 forks source link

Make E2EE compatible with file server cache #372

Open Bartalog opened 5 years ago

Bartalog commented 5 years ago

After #58

In a "simple" E2EE approach, the uploaded resource is encrypted with a single-use crypto key, and cannot be reused later even if the same user uploads the same file with the same filename.

Find a way to encrypt with some sort of secret K that would allow reuse, e.g. K=f(hash(resource)).

Bartalog commented 5 years ago

Possible solution:

mobile encrypts file with single-use random key P (see #371)
mobile keeps a short-lived cache of (hash -> P) mappings
for a file share having hash H, if mapping (H -> P) is found in mobile cache, and (P(H) -> F') is found in server cache, then generate a new download URL for F'
otherwise, generate a new P, compute F'=P(F) and upload F'

Cache system thus works only when successives share actions are performed by the same user.