Migration step is required when the user tries to move all app data from old device to new one. Currently we backup slung public keys and private keys lists to cloud (iCloud or Google Cloud) and backup file is encrypted simply by passphrase which is considering to be change because of security concern.
The first proposal relies on generating a ticket with sufficient entropy.e.g, 256 bits or longer. Mixing with user passphrase to encrypt user profile when app backups. The app is able to store ticket locally through printing a QR code image easily for users to keep photo album or output as a pdf file. Then the new device can pull the backup file from the cloud server, decrypt by reading the QR code and typing memorized passphrase, and then resume the app like before. The last step is sending out token update messages to all recipients he/she slung before.
Detail progress:
User press migration button on his/her old device.
Old device backups profile if necessary (or use other technology to transfer data to the new device).
Display ticket on the old device.
Install SafeSlinger app on the new device, and pull encrypted profile from cloud server.
Read ticket from old device by taking bar code, and then enter corresponding passphrase to restore profile.
Migration step is required when the user tries to move all app data from old device to new one. Currently we backup slung public keys and private keys lists to cloud (iCloud or Google Cloud) and backup file is encrypted simply by passphrase which is considering to be change because of security concern.
The first proposal relies on generating a ticket with sufficient entropy.e.g, 256 bits or longer. Mixing with user passphrase to encrypt user profile when app backups. The app is able to store ticket locally through printing a QR code image easily for users to keep photo album or output as a pdf file. Then the new device can pull the backup file from the cloud server, decrypt by reading the QR code and typing memorized passphrase, and then resume the app like before. The last step is sending out token update messages to all recipients he/she slung before.
Detail progress: