search

HemmeligOrg / Hemmelig.app

Keep your sensitive information out of chat logs, emails, and more with encrypted secrets.
https://hemmelig.app
MIT License
685 stars 59 forks source link

Diffie-Hellman for the encryption #69

Open kr-nn opened 2 years ago

kr-nn commented 2 years ago

Just as mentioned in my original reddit comment

Ideally the way I think it should be implemented is with an "Expert mode" option. This way non-technical users won't struggle with it.

  1. Alice creates a link and this generates a key pair

  2. Alice sends the link (which contains the public key) to bob

  3. Bob opens the link, and a key pair is created for bob

  4. Bob is prompted to send the public key he has to alice using that same unencrypted channel. Meanwhile the shared key is created and put into a cookie using bobs private key and Alices public key

  5. Alice puts bobs key in the link they generated. This creates the shared key on Alices end.

  6. Alice then puts the secret data they want to send to bob. The Shared key encrypts the data being sent.

  7. Bob then see's the information is available, and decrypts the note because their browser has the shared secret in a cookie.

bjarneo commented 2 years ago

Awesome. Thank you for this issue. Expert mode seems like the way to go.

bjarneo commented 2 years ago

Here is the explanation of this for tweetnacl (which is the library used): https://tweetnacl.js.org/#/box (if I understood this correctly)