Tangerine-Community / Tangerine

Digitize your offline data collection. Create your Forms online with Tangerine Editor, conduct them offline with the Tangerine Android App. All results you collect can be exported as a CSV file, easy for processing in a spreadsheet. Tangerine has been used in over 1 million assessments and surveys in over 60 countries and in 100 languages.
http://www.tangerinecentral.org/
GNU General Public License v3.0

Support encryption on top of IndexedDb #2612

Open rjcorwin opened 3 years ago

rjcorwin commented 3 years ago

Field Level Encryption

Thinking about field level encryption, we are already marking form inputs as PII. In our UserDatabase.put/UserDatabase.post method we could add an encrypt step, and then in the UserDatabase.get method we add a decrypt step (https://github.com/Tangerine-Community/Tangerine/blob/master/client/src/app/shared/_classes/user-database.class.ts#L42). When data is then replicated up, fields marked as PII would be encrypted, and when the server prepares reporting caches, it would decrypt the data.

This falls down when users are going to share data though... Because every device has its own encryption key, when one device opens data from another device it would be unable to decrypt it. We could fall back to having one shared key for all devices, but that makes for a painful recall process if one device is compromised or lost; we would have to change the encryption key for all devices and make a save to every doc in the database, changing what key PII fields are encrypted with.
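
The encrypt-on-put / decrypt-on-get step and the cross-device failure described in the comment above, as an added JavaScript example that is not part of the original issue or Tangerine's code. The class name `PiiFieldCipher`, the `items`/`pii` document shape, the `enc:v1:` prefix and the sample document are assumptions constructed for illustration; the cipher is AES-256-GCM from Node's built-in `crypto` module.

```javascript
// Added illustration, not Tangerine code. PiiFieldCipher, doc.items and item.pii
// are hypothetical names; the sample document in demo() is constructed.
const nodeCrypto = require("node:crypto");
const MARK = "enc:v1:"; // constructed prefix marking an encrypted field value

class PiiFieldCipher {
  constructor(key) { this.key = key; } // 32-byte AES-256 key held by one device

  // Would run inside a put()/post() wrapper: encrypt only inputs flagged as PII.
  encryptDoc(doc) {
    return { ...doc, items: doc.items.map((item) => {
      if (!item.pii) return item;
      const iv = nodeCrypto.randomBytes(12); // fresh nonce for every field value
      const c = nodeCrypto.createCipheriv("aes-256-gcm", this.key, iv);
      c.setAAD(Buffer.from(`${doc._id}/${item.name}`)); // bind ciphertext to doc + field
      const ct = Buffer.concat([c.update(JSON.stringify(item.value), "utf8"), c.final()]);
      const blob = Buffer.concat([iv, c.getAuthTag(), ct]).toString("base64");
      return { ...item, value: MARK + blob };
    }) };
  }

  // Would run inside a get() wrapper: throws when the key or the binding is wrong.
  decryptDoc(doc) {
    return { ...doc, items: doc.items.map((item) => {
      if (!item.pii || typeof item.value !== "string" || !item.value.startsWith(MARK)) return item;
      const raw = Buffer.from(item.value.slice(MARK.length), "base64");
      const d = nodeCrypto.createDecipheriv("aes-256-gcm", this.key, raw.subarray(0, 12));
      d.setAAD(Buffer.from(`${doc._id}/${item.name}`));
      d.setAuthTag(raw.subarray(12, 28)); // 16-byte GCM tag follows the 12-byte nonce
      const pt = Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString("utf8");
      return { ...item, value: JSON.parse(pt) };
    }) };
  }
}

// Two devices with independent keys: A round-trips its own doc, B cannot read it.
function demo() {
  const deviceA = new PiiFieldCipher(nodeCrypto.randomBytes(32));
  const deviceB = new PiiFieldCipher(nodeCrypto.randomBytes(32));
  const doc = { _id: "resp-1", items: [
    { name: "student_name", pii: true, value: "Constructed Name" },
    { name: "grade", pii: false, value: 3 } ] };
  const stored = deviceA.encryptDoc(doc);
  const roundTrip = deviceA.decryptDoc(stored);
  let otherDeviceFailed = false;
  try { deviceB.decryptDoc(stored); } catch (e) { otherDeviceFailed = true; }
  return { stored, roundTrip, otherDeviceFailed };
}
```

The authentication failure on device B is the sharing problem from the comment: the replicated document arrives intact, but its PII fields stay opaque to any device that does not hold device A's key.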

rjcorwin commented 3 years ago

Crypto-pouch

Using crypto-pouch would be great. However, here are a few issues in the crypto-pouch issue queue that are blockers.