[BETA] Encryption for Private Messages.

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.

Post by jason_bassford »

I just finished writing a mod that will securely encrypt (and decrypt) private messages so that the PMs will not be stored in the database in plain text.

I know that there's been some discussion of it in the past, without any result, so I thought I'd give it a try myself.

Here's a short description:
This will allow you to encrypt private messages to other board users. The user will then be able to decrypt the message if they know the password that you used. This prevents any sensitive message from being read by somebody looking at the raw database records.

Decryption happens onscreen - not within the database. So, even if you "decrypt" a message (and read it) it is still stored on the server in its encrypted form.

If you've decrypted a message, and quote it back to the sender, it will be the decrypted text that is quoted back. The quote must, itself, be manually encrypted or else it will be sent back to the original sender in plain text.

Once a message is encrypted and submitted, and in the sender's Outbox, it may be viewed and deleted, but it cannot be edited.

This mod encrypts Private Messages using a 256-bit Rijndael block cipher.

NOTE: In order to use this mod, you must have PHP compiled with libmcrypt2.4.x or higher!

You can download it here.
Last edited by jason_bassford on Fri Dec 12, 2003 11:13 pm, edited 2 times in total.
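
The scheme described in the post above, as an added example that is not the MOD's code and not from this thread: the message is encrypted under a key derived from the sender's password, only the ciphertext is stored, and decryption happens when the recipient supplies the password at view time. It assumes PHP 7.1+ with the OpenSSL extension and uses AES-256-GCM with PBKDF2 in place of the libmcrypt Rijndael cipher the MOD names; the function names, the `v1:` storage format and the iteration count are assumptions.

```php
<?php
// Added illustration, not the MOD's code. Function names, the "v1:" storage
// format and the iteration count are assumptions made for this example.
const PM_KDF_ITERATIONS = 600000; // assumed PBKDF2-HMAC-SHA256 work factor

// Returns the string that would be stored in the PM text column.
function pm_encrypt(string $plaintext, string $password): string
{
    $salt = random_bytes(16); // fresh per message, so equal passwords give different keys
    $iv   = random_bytes(12); // 96-bit GCM nonce, never reused under one key
    $key  = hash_pbkdf2('sha256', $password, $salt, PM_KDF_ITERATIONS, 32, true);
    $tag  = '';
    $ct   = openssl_encrypt($plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return 'v1:' . base64_encode($salt . $iv . $tag . $ct);
}

// Called when the recipient submits a password on the view page.
// Returns null for a wrong password or a modified record; the stored
// row is never rewritten with plain text.
function pm_decrypt(string $stored, string $password): ?string
{
    if (strncmp($stored, 'v1:', 3) !== 0) {
        return null; // not an encrypted PM in this format
    }
    $raw = base64_decode(substr($stored, 3), true);
    if ($raw === false || strlen($raw) < 44) { // 16 salt + 12 IV + 16 tag
        return null;
    }
    $salt = substr($raw, 0, 16);
    $iv   = substr($raw, 16, 12);
    $tag  = substr($raw, 28, 16);
    $ct   = (string) substr($raw, 44);
    $key  = hash_pbkdf2('sha256', $password, $salt, PM_KDF_ITERATIONS, 32, true);
    // GCM verifies the tag first, so a wrong key yields false, not garbage text.
    $pt = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    return $pt === false ? null : $pt;
}

// Constructed sample message and passwords.
$stored = pm_encrypt('Meet at the usual place.', 'correct horse battery staple');
var_dump($stored !== 'Meet at the usual place.');                    // database only sees ciphertext
var_dump(pm_decrypt($stored, 'correct horse battery staple'));       // original text
var_dump(pm_decrypt($stored, 'wrong password'));                     // NULL
```

The password still reaches the server on both encrypt and decrypt, so this protects the stored rows, not the request itself.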

Post by morpheus2matrix »

Looks interesting :)

Two questions:

- Is it possible to not encrypt a message?
- How do you transmit to another user the key you've used to encrypt a message? By sending a PM? In that case, I'm not sure this is quite logical: you send the key by PM and then you send the PM encrypted. If someone has access to the db, he will find the key, so he will be able to decrypt the message.


BTW, it could be a good add-on to this: http://www.phpbb.com/phpBB/viewtopic.php?t=155809
Former phpBB MOD-Team Member -

Forgive my bad English :(

No support by PM/Email - Thanks - You can thanks me here :) - Pay me for installing MOD's :lol:

Post by whoo »

I like the idea... however, since (ideally) only admins have access to the db, it might follow that those admins that might consider installing this don't need to, since they're not peeping into people's PMs, and those that are peeping won't want to install it.

Post by jason_bassford »

morpheus2matrix wrote: - Is it possible to not encrypt a message?

Absolutely. Encryption is purely optional. I just added to the existing "Preview" and "Submit" buttons a masked text input for the encrypt key and an "Encrypt & Submit" button.

(Being able to quote a decrypted message was a bit trickier. I had to replace, when a decrypted message was being viewed, the simple hypertext link of the quote button with an actual form input button that used POST VARS - because, otherwise, the encryption key would be visible in the URL.)

morpheus2matrix wrote: - How do you transmit to another user the key you've used to encrypt a message?

There's always something. <grin> If you want to keep the key a secret, you could send an innocuous email message talking about, say, the weather. Then, after you'd deleted the message from your Sent items, and the recipient from their Inbox, you could refer to something you'd said and use that. (It would have to take a concerted effort for an administrator to then go through all correspondence and try to figure out the reference - depending, of course, on how subtle you were - and if both referencing messages had been deleted, then it would never be figured out.)

Yes, you're right that there's no straightforward way of doing this. (Although perhaps if both parties have actual email accounts.) But it could be worked out.

whoo wrote: I like the idea... however, since (ideally) only admins have access to the db, it might follow that those admins that might consider installing this don't need to, since they're not peeping into people's PMs, and those that are peeping won't want to install it.

There could be other reasons.
  1. To reassure people that things really are safe - from a user perspective, wouldn't it be nice to know that you could encrypt a message so that nobody, including any administrator, could view it? Everything being equal, I'm sure that people (those who cared about the issue anyway) would rather communicate on a site where this was present than where it was lacking - so it's a good "selling feature" to attract more users. (In combination with SSL only access to your site it would make PMs pretty much foolproof.) As an example, I had one user of a board I moderate PM me, asking if their PMs were really not viewable by anyone. I had to tell them that, in theory, the administrator could view them...
  2. If there are two or more administrators running the site and one or more of them wants to be sure that the others will never be able to see one of their messages.
  3. To be protected in case somebody hacks into the system.
  4. If you're sharing your computer with other people and want to make sure that something you're reading is only accessible at the time that you've supplied the password and decrypted it (once you've cleared the decrypted version of the message, even if somebody sits down at your computer and looks at your Inbox, including the encrypted message, they won't be able to decrypt it to read it if they don't know the password).

Post by boumbastic »

Hi all,
Is there a way to add this encrypt option to normal posts on the forums?

Post by burnthome »

Is there any screenshot or demo to view how it works? As I look at the code, it only edits the files, with no included files needed... The question is whether it is possible to do the encryption/decryption with added supporting files to assist... because your encryption/decryption mod is so simple to encrypt/decrypt without adding more files to make it complex...

thanks,
burnthome

PM Encryption

Post by maddog_chrisuk »

Hi

I have the private message manager mod installed, which lets only the main admin view all private messages.

If I add this mod, will the private message manager still display the messages?

Regards


Chris

Post by lifehacker »

It doesn't seem to work for me.

When I try to open an encrypted pm, I just stay in the inbox without going to the pm or being able to decrypt it.