Open NotANormalNerd opened 10 years ago
this is a bit out-of-scope for bepasty-server as this is a server side application. encryption must be done client-side or it is rather pointless.
if you think about providing javascript to the client that encrypts stuff before upload: who wants to trust js code that he just got a second before and that could be different a second later?
maybe this could be an issue for bepasty-client, but that project does not even exist yet.
after discussing with some fellow hacker, I think this feature is useful, due to a slightly different reason.
it's not just that the server owner can't read the content (so encryption protects the uploader's content), but it also gives the server operator DENIABILITY of knowledge about what files reside on the server (and it's even not just "plausible deniability", he REALLY does have no means to know).
This might solve the potential legal troubles that come with publicly operating such an upload site.
some implementation ideas:
https://server/<storageid>#key
- so the client will have the url and key in one convenient piece but won't transmit the key to the server
clientside en/decryption code:
if we could do en/decryption rather effortlessly on the client, the user experience of a crypted-only pastebin could be similar to a non-encrypted one. if we get there, we can solve problems by running crypted-only.
I already researched this option. We have to implement this in the fileuploader.js before the file is uploaded.
Displaypage then heavily relies on javascript. Or details are only shown in unencrypted mode.
did you find out how to decrypt a download in the browser before it is saved to disk? maybe without keeping the whole download in memory (-> "streaming mode")?
Currently our javascript is only involved in uploading. Taking the MEGA way would be downloading->decrypting->offering to save
I'll research in that.
use "html5 file api"?
jquery.fileupload.js already uses that: see: o.blob = slice.call(...)
if we get in between there, we could encrypt.
for writing, see there:
https://code.google.com/p/crypto-js/ for js encryption / decryption?
http://sebsauvage.net/wiki/doku.php?id=php:zerobin maybe has some interesting concepts / uses some libs we could use also.
http://matasano.com/articles/javascript-cryptography/ http://tonyarcieri.com/whats-wrong-with-webcrypto
Maybe some issues will be (and some won't be) resolved by the WebCryptoApi.
Encrypt so server owner/user can't read the file contents.
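The ideas in this thread (key kept in the URL fragment, encryption hooked in per upload slice, decryption without holding the whole download in memory) can be sketched with the WebCrypto API as below. This is an added example, not code from the thread or from bepasty. The function names, the 64 KiB chunk size, AES-GCM and the chunk framing (nonce = chunk index, "last chunk" flag as additional data) are all assumptions.

```javascript
// Added example, not bepasty code. Assumed: a fresh AES-256-GCM key per upload.
const CHUNK = 64 * 1024; // plaintext bytes per chunk (assumed)

async function subtle() { // browsers and current Node expose globalThis.crypto
  return (globalThis.crypto ?? (await import('node:crypto')).webcrypto).subtle;
}

async function newFragmentKey() { // text to place after '#', never sent to the server
  const s = await subtle();
  const key = await s.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt']);
  const raw = new Uint8Array(await s.exportKey('raw', key));
  return btoa(String.fromCharCode(...raw)).replace(/\+/g, '-').replace(/\//g, '_');
}

async function importFragmentKey(fragment) {
  const b64 = fragment.replace(/-/g, '+').replace(/_/g, '/');
  const raw = Uint8Array.from(atob(b64), (ch) => ch.charCodeAt(0));
  return (await subtle()).importKey('raw', raw, { name: 'AES-GCM' }, false, ['encrypt', 'decrypt']);
}

async function chunkOp(op, key, index, isLast, data) { // op: 'encrypt' or 'decrypt'
  const iv = new Uint8Array(12);
  new DataView(iv.buffer).setUint32(8, index); // unique per chunk under this one-file key
  const params = { name: 'AES-GCM', iv, additionalData: new Uint8Array([isLast ? 1 : 0]) };
  return new Uint8Array(await (await subtle())[op](params, key, data));
}

async function* encryptChunks(key, bytes, size = CHUNK) { // upload side, one slice at a time
  const count = Math.max(1, Math.ceil(bytes.length / size));
  for (let i = 0; i < count; i++)
    yield chunkOp('encrypt', key, i, i === count - 1, bytes.subarray(i * size, (i + 1) * size));
}
async function* decryptChunks(key, sealed) { // download side; throws on tampering or truncation
  for (let i = 0; i < sealed.length; i++)
    yield chunkOp('decrypt', key, i, i === sealed.length - 1, sealed[i]);
}

async function demo() {
  const fragment = await newFragmentKey();
  const key = await importFragmentKey(fragment);
  const text = 'constructed sample paste '.repeat(10); // 250 bytes of constructed input
  const sealed = [];
  for await (const c of encryptChunks(key, new TextEncoder().encode(text), 100)) sealed.push(c);
  let out = '';
  for await (const p of decryptChunks(key, sealed)) out += new TextDecoder().decode(p);
  let truncationRejected = false; // dropping the final chunk must fail authentication
  try { for await (const p of decryptChunks(key, sealed.slice(0, 2))) void p; } catch { truncationRejected = true; }
  return { url: 'https://server/<storageid>#' + fragment, chunks: sealed.length, roundTrip: out === text, truncationRejected };
}
demo().then((r) => console.log(r));
```

`decryptChunks` takes an array to keep the example short; a streaming reader would hold back one chunk so it knows which one is last.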