Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
All encryption / decryption should be done on the server, not client side #4053
Encryption is only done on the client-side currently for exporting (messages, channels, etc.). It would be a performance hit to do encryption on the server for these things, but I think it's necessary from a security standpoint. Right now we're passing the secret symmetric key from the server to the client over the network. Even though that obviously happens from within HTTPS, most users still use the default self-signed cert.
The LDAP extension currently also encrypts the admin password on the client.
Imported Issue. Original Details:
When exporting to a file, then importing into another environment, how do you move the secret that protects the encrypted data? If using an appliance, you'll need to extract the symmetric key from the source server over that same network AND re-send that key over a similar network to the receiving server.
Perhaps it would be better to use a client-provided symmetric key (aka password) to encrypt sensitive data in the export-files (or the whole file, for that matter), then request the same password to be entered into the receiving client in order to decrypt the file.
This way, you:
(1) don't bog-down the server with encryption operations
Imported Comment. Original Details: