This is related to https://laracasts.com/discuss/channels/design/complete-client-side-encryptiondecryption-on-browser
Since it is a different question, I thought I'd create a new thread so I can choose a "best answer" for this separately.
In my current design, the key pair is generated on the server and the private key is encrypted with the user's password, which is further encrypted with Laravel's encryption. This allows me to use the same key pair for encryption and decryption regardless of the device the user is using. I think it is pretty secure, considering the key is password protected and is stored encrypted.
An alternative is to generate a key pair in the browser and send only the public key to the server. This way there will be multiple key pairs per user (1 pair per device). This is also secure since his private key never leaves his device. It's an overhead to manage multiple device registrations, encrypting files with AES and encrypting the key with all his private keys. I am fine doing that too. I just need to build the best system possible. That's all.
The problem with the alternative design is that when the user registers a new device, I'll have to iterate through all his files and files shared with him to re-encrypt the keys with the new device's keys. In the current design, I can avoid it. This also causes a problem for the user if he has lots of files, because he will have to wait a bit before he can start accessing his files (depending on the number of files and their sizes, the process would take some time).
Would you suggest using the current design or the alternative? Do you see any issue with the current design that I must use the alternative?