search

booluw / slot

Social media platform, without the "low self esteem" stuffs.
https://my-slots.web.app
1 stars 0 forks source link

Slot text encryption #1

Open booluw opened 2 years ago

booluw commented 2 years ago

@haibeey can we have an encryption function in JavaScript? Would use a private key that'll be dependent on the uid provided by Firebase.

haibeey commented 2 years ago

so where will the keys be stored? storing the keys is a very big factor to be considered because if the keys are exposed the encryption would be useless

booluw commented 2 years ago

Like I suggested, having the firebase user ID as the key won't be bad. We'll have firebase handle the storage, and the only was of penetration would be if any attacker can get a way of pulling the user's ID from firebase auth.

Note that this userID is alphanumeric.

haibeey commented 2 years ago

Encryption system requirements separate keys not just random keys . But I think we can store them on an one of the user field . I would work on some thing .

The general spec of it would

Func Generatekeys()

Func encrypttext()

Func storegeneratedKeys()

Func retrievedgeneratedkey()

haibeey commented 2 years ago

Sorry guys I mistakenly closed the issue .

booluw commented 2 years ago

Encryption system requirements separate keys not just random keys . But I think we can store them on an one of the user field . I would work on some thing .

The general spec of it would

Func Generatekeys()

Func encrypttext()

Func storegeneratedKeys()

Func retrievedgeneratedkey()

The uid from firebase isn't random. Its fixed and user gets one ID per account.

haibeey commented 2 years ago

Encryption system requirements separate keys not just random keys . But I think we can store them on an one of the user field . I would work on some thing . The general spec of it would Func Generatekeys() Func encrypttext() Func storegeneratedKeys() Func retrievedgeneratedkey()

The uid from firebase isn't random. Its fixed and user gets one ID per account.

it not about randomness or being fix . Encryption keys are so that they could encrypt and decrypt . They are very mathematically in nature. I already proposed that if the user field is like this

User{ uid string encryption_key pair<string,string> otherfield ..... }

That should work for this project

booluw commented 2 years ago

@haibeey, how's the encryption function coming on? Need an update by Wednesday or we go with Bcrypt.

haibeey commented 2 years ago

is this still open ?