marius-wieschollek / passwords

A simple, yet feature rich password manager for Nextcloud
GNU Affero General Public License v3.0
215 stars 45 forks

Implement E2EE shared passwords #462

Open agharbeia opened 2 years ago

agharbeia commented 2 years ago

Current Status

Currently, end-to-end encryption is possible only for passwords that are not shared with other users. Shared passwords are encrypted on the server side and transferred to the client after having been decrypted, thus depending on the transport layer for encryption.

Feature Description

It should be possible to share passwords with users while having them always encrypted and decrypted on the clients, by implementing a mix of symmetric and asymmetric cryptography:

Assumptions:

When creating a password:

  1. The password is encrypted on the client with the user's public key
  2. The ciphertext is uploaded to the server to be stored

When accessing a password:

  1. The ciphertext is downloaded from the server
  2. The user's private key is accessed in the client and used to decrypt the password

When sharing a password:

  1. The public key of each share-recipient is retrieved from the server
  2. The password owner accesses the decrypted password
  3. The password is encrypted with the public key of each share-recipient
  4. The ciphertext is uploaded to the server

When a password is unshared: Since unlearning a previously shared password is not possible, the password must be changed and the new password re-shared with the new set of users.

There are some implementation details to be decided upon, such as whether the shared password ciphertext is stored in each user's password store, or whether it is stored only in its owner's store with metadata pointing to each share recipient. This should also be considered in light of the desired access controls, ownership model, etc., as well as the practicalities of implementation.

mrschaal commented 2 years ago

@marius-wieschollek this is exactly what our company needs in order to use the Passwords app as a complete password management solution for our teams that meets all security requirements. It would be great to see this implemented!

SageBilt commented 1 year ago

Agree, this is the one thing holding me back from fully implementing Nextcloud Passwords in our company!

Galbar commented 5 months ago

> A user's private key is stored only on the client[s] they use, while the associated public key is also stored on the server

Could the private key be encrypted on the client and then stored server-side? The client would then download the encrypted private key and then decrypt it with the user password.

This way the user experience doesn't have to change to what it is right now.