nextcloud / end_to_end_encryption_rfc

🔒 Specification for end-to-end encryption used by Nextcloud sync & mobile apps

Why should a folder ever be changed from encrypted to unencrypted? #19

Open awesome-manuel opened 6 years ago

awesome-manuel commented 6 years ago

The current API of the e2e app allows folders to be changed from encrypted to unencrypted.

What is the use case for this?

Even if this is restricted to empty folders, the folder should better be deleted and created again. Furthermore, the RFC should explicitly state that a client must not trust the server if a previously encrypted folder is now marked as unencrypted. Otherwise, a malicious server could trick a client into uploading the files unencrypted. See also https://github.com/nextcloud/end_to_end_encryption/issues/74

rullzer commented 6 years ago

Makes sense to me...

@tobiasKaminsky @schiessle

tobiasKaminsky commented 5 years ago

:+1: As far as I recall our discussion on conf, we need another verification anyways to prevent replay attacks. Let us keep this open for the E2E hackweek.

tobiasKaminsky commented 5 years ago

With v2 we decided that an encrypted folder/file cannot be marked as unencrypted again. This needs to be handled on the server, but also on the client side.
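
A sketch of the client-side half of that rule, as an added example that is not part of this thread, the RFC, or any Nextcloud client: the client pins every folder it has seen marked encrypted and refuses a plaintext upload when the server later reports that folder as unencrypted. The class and method names are hypothetical, and it assumes pins are keyed by remote path, cover subfolders, and are cleared only by a delete the local user performed.

```python
import json
from pathlib import PurePosixPath


class EncryptionDowngrade(Exception):
    """Server reports a previously encrypted folder as unencrypted."""


class EncryptedFolderPins:
    """Client-local record of folders this client has seen marked encrypted.

    Hypothetical design: pins are keyed by remote path and are removed only
    by a local, user-initiated delete, never because of server state.
    """

    def __init__(self, pins=()):
        self._pins = {str(PurePosixPath(p)) for p in pins}

    def _pinned_ancestor(self, path):
        # A pin on a folder also covers everything below it (assumption).
        p = PurePosixPath(path)
        for candidate in (p, *p.parents):
            if str(candidate) in self._pins:
                return str(candidate)
        return None

    def check_upload(self, folder, server_says_encrypted):
        """Return True if the upload must be encrypted, False if plaintext is
        acceptable; raise if the server's flag contradicts a local pin."""
        if server_says_encrypted:
            self._pins.add(str(PurePosixPath(folder)))  # trust on first use
            return True
        pinned = self._pinned_ancestor(folder)
        if pinned is not None:
            raise EncryptionDowngrade(
                f"{folder!r} is covered by {pinned!r}, which was encrypted "
                "before; refusing plaintext upload")
        return False

    def user_deleted(self, folder):
        """Drop pins at or below a folder the local user deleted themselves."""
        root = PurePosixPath(folder)
        self._pins = {p for p in self._pins if PurePosixPath(p) != root
                      and root not in PurePosixPath(p).parents}

    def dump(self):
        """Serialise the pins so they survive a client restart."""
        return json.dumps(sorted(self._pins))
```

The pin store has to live outside the server's reach (local client state), since the server is the party whose flag is being checked.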