Skip to content

Message Encryption

Jump to bottom
Gordon Chiang edited this page Nov 15, 2021 · 4 revisions

Gordon — Today at 1:33 PM Here's what I'm thinking to get the server-side history:

  1. bob is messaging alice
  2. bob sends a message encrypted with a shared message key to alice through the server
  3. alice decrypts the message with the shared message key and can see the plaintext message
  4. alice re-encrypts the message with an alice-only private key
  5. alice makes an API call to the server to save this encrypted message on the server
  6. if alice ever wants to view history, they will make an API request for the server to send the history to alice
  7. alice decrypts it with an alice-only private key to view it

I think a db like you did could work: query for chat history by using the sender and recipient fields. So if alice wants only history with bob, the query would be like SELECT * FROM chat_history WHERE (sender = 'alice' and recipient = 'bob') OR (sender = 'bob AND recipient = 'alice). For group chats, we could just delimit recipient fields? Like bob, charlie, etc. in the same field or something?Not sure about that

Or a text file would work, but each individual chat would need its own text file I think. Could also do individual dbs but sounds crazier

To be more granular:

  1. bob is messaging alice
  2. bob encrypts a plaintext message to send to alice (1x encrypted with shared message key)
  3. bob encrypts the encrypted message and sends it to the server with bob-server key (2x encrypted)
  4. the server decrypts the encrypted message once with bob-server key (still 1x encrypted)
  5. the server re-encrypts the encrypted message to send it to alice with alice-server key (2x encypted)
  6. alice decypts it twice to get plaintext (alice-server key then bob-server key)

before this loop, bob and alice do diffie-helman over the server to get a shared message key that only they know

  1. bob types out a message to alice and hits send (but doesn't actually send yet! must do diffie-helman first)
  2. bob does diffie-helman with alice and they both get shared keys
  3. the typed message finally gets encrypted and actually gets sent over the network
  4. the keys are deleted Our idea of message keys were they were only good for one message, then you'd do Diffie-Helman again for the the next message to get a new message key, so we wouldn't store them
Clone this wiki locally