Domthegrom / 24

1 stars 0 forks source link

Encrypt Google Firebase #11

Open darrius opened 6 years ago

darrius commented 6 years ago

Intent: We want to be able to tell users that all their messages are encrypted. This means that even us (admin folk) cannot see what they are talking about.

Why: Privacy is important. We don't want to keep any user-data but the essentials (login info, etc).

Feasibility: Would like to see if we can implement this feature. Can we get the cost super low? How long will it take to build out the feature? Or do we even need to use Google KMS?

How: This guy outlines how he hack together a solution for his Prayer app: http://www.geero.net/2017/05/how-to-encrypt-a-google-firebase-realtime-database/

Here's the codebase that he has shared with everyone: https://github.com/andygeers/firebase-keysafe

Here's the pricing that we'll need for Key management: https://cloud.google.com/kms/ To cut costs - can we use 1 key for everyone?

Key use operations (Encrypt/ Decrypt - $0.03 per 10,000 operations - can we limit this somehow?

Random: This article might help? https://medium.com/google-cloud/from-idea-to-deployed-on-gcp-in-24hrs-927eaf8a5939

darrius commented 6 years ago

some background info -

http://www.telegraph.co.uk/technology/0/encryption-should-using/

https://faq.whatsapp.com/en/android/28030015/?category=5245250


From quick research - it looks like if we encrypt each message sent (like Whatsapp) then that would count as 1 operation (i think). If this is true, then the costs can add up super quick. If this logic is true, then this is a nice to have feature but not needed for now because we got no money!