search

ilbertt / infinitecloud_bot

Infinite Cloud bot source code
https://t.me/infinitecloud_bot
MIT License
9 stars 6 forks source link

Add optional file encryption #2

Open Arturro43 opened 3 years ago

Arturro43 commented 3 years ago

A nice addition would be to add the ability to encrypt files (e.g. using AES256) to achieve a zero-knowledge cloud out of Telegram's cloud storage.

ilbertt commented 3 years ago

Would be nice, but where should you/the bot save the encryption key? It could not be other than the chat (as it happens now with filesystem) to avoid data go outside Telegram, but this doesn't end in a real zero-knowledge application. Also, according to this FAQ, Telegram already keeps encrypted all your data from third parties.

Anyway @Arturro43, do you have an idea on how to achieve your suggestion? If yes, feel free to open a PR!

Arturro43 commented 3 years ago

I don't have programming skills, but my friend told me, that "homomorphic encryption" which allows to perform an operation on encrypted data without decrypting them in such a way that the result is identical to that which would be obtained if the operation were performed on unencrypted data

So, for example, the sender sends an encrypted key to the bot, the bot performs a homomorphic operation on the key whose argument is a symmetric key and sends back.

The sender decrypts and compares what he has received with the input data and in this way they determine the symmetric key.

https://github.com/jonaschn/awesome-he

ilbertt commented 3 years ago

Maybe it could work, but the user would have the responsibility to safely store the key