Save private messages encrypted in the database

Posted: Mon Aug 05, 2013 12:05 pm
by wintstar
Allegations keep coming back from users that private messages can be read by the admin. I think private messages should be stored encrypted in the database.

Re: Save private messages encrypted in the database

Posted: Mon Aug 05, 2013 12:43 pm
by nickvergessen
This means that if a PM is sent to multiple people we need to store it multiple times.

Also it gives a false feeling of security, because we need to store the key for decrypting in the db as well (so admin can still hack to read them), or require the user to enter it every time.

Re: Save private messages encrypted in the database

Posted: Mon Aug 05, 2013 1:06 pm
by wintstar
It is and will always remain a vexed issue whether the admin reads the PM or could read it. Thus for me the issue would end when one encrypts the PM in the database, just like the passwords.

Re: Save private messages encrypted in the database

Posted: Tue Aug 06, 2013 5:00 pm
by Crizzo
But you don't get the password back to readable text.

You just encrypt the inserted password and compare it with the "encrypted code" in the database.

But a PM has to be reconverted, if the receiver should be able to read it.

And anything that is needed to decode the PM, if it is within the phpBB code/functions, will be abused to read the PM anyway.

So I think the only good solution is that the user encrypts the PM before sending; the receiver gets the encrypted message and decodes it with a second tool and code from a 3rd-party origin.

Re: Save private messages encrypted in the database

Posted: Thu Aug 08, 2013 10:39 pm
by AlanSBradburn
You could generate a per user keypair and encrypt one half with the user's password used for decryption/signing, the other half used for encryption/verification.

Either enter password every time to view a pm or save in a cookie encrypted by a per board key.

FYI I voted no on this due to complexity, but it can be done. (cool idea for a plugin)

Re: Save private messages encrypted in the database

Posted: Fri Aug 09, 2013 6:27 am
by AmigoJack
AlanSBradburn wrote: the user's password
What if that changes from today to tomorrow?

While there are always ways to manipulate the PHP code to bypass this, I'm in for storing it encrypted, because less skilled people would then not be able to simply read it. In that way, the system doesn't have to be changed (one text only, regardless of how many recipients): with each new PM a new encryption key is created and saved as well, so you have to use phpBB in order to decrypt it.

Only downside is: you can't search PMs anymore (I've already implemented this since I store a lot of them).
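
The per-user keypair, password-change and "one text per PM" points raised in the two posts above, combined into one sketch; this is an added example, not phpBB code and not written by any poster. It assumes PHP 7.4+ with ext-sodium; every function name and sample password is hypothetical, and the server still handles the password at unlock time, so modified server code can capture it.

```php
<?php
// Added example, not phpBB code. All function names and sample values are constructed.
// Derive a 32-byte wrapping key from the user's password.
function wrap_key(string $password, string $salt): string {
    return sodium_crypto_pwhash(SODIUM_CRYPTO_SECRETBOX_KEYBYTES, $password, $salt,
        SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE, SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE);
}

// User row: public key in clear, secret key encrypted under the password-derived key.
function new_user(string $password): array {
    $kp = sodium_crypto_box_keypair();
    $salt = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return ['pk' => sodium_crypto_box_publickey($kp), 'salt' => $salt, 'nonce' => $nonce,
        'wrapped_sk' => sodium_crypto_secretbox(sodium_crypto_box_secretkey($kp), $nonce, wrap_key($password, $salt))];
}

// Recover the user's keypair; throws if the password is wrong.
function unlock(array $user, string $password): string {
    $sk = sodium_crypto_secretbox_open($user['wrapped_sk'], $user['nonce'], wrap_key($password, $user['salt']));
    if ($sk === false) { throw new RuntimeException('wrong password'); }
    return sodium_crypto_box_keypair_from_secretkey_and_publickey($sk, $user['pk']);
}

// Password change: only the wrapped secret key is re-encrypted; stored PMs are untouched.
function change_password(array $user, string $old, string $new): array {
    $sk = sodium_crypto_box_secretkey(unlock($user, $old));
    $user['salt'] = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);
    $user['nonce'] = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $user['wrapped_sk'] = sodium_crypto_secretbox($sk, $user['nonce'], wrap_key($new, $user['salt']));
    return $user;
}

// Store the PM body once under a random key; seal that key to each recipient's public key.
function send_pm(string $text, array $recipients): array {
    $key = sodium_crypto_secretbox_keygen();
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $sealed = array_map(fn($u) => sodium_crypto_box_seal($key, $u['pk']), $recipients);
    return ['nonce' => $nonce, 'body' => sodium_crypto_secretbox($text, $nonce, $key), 'keys' => $sealed];
}

// Open the recipient's sealed copy of the PM key, then decrypt the shared body.
function read_pm(array $pm, string $name, array $user, string $password): string {
    $key = sodium_crypto_box_seal_open($pm['keys'][$name], unlock($user, $password));
    return sodium_crypto_secretbox_open($pm['body'], $pm['nonce'], $key);
}

$alice = new_user('alice-pw'); $bob = new_user('bob-pw');   // constructed sample users
$pm = send_pm('hello', ['alice' => $alice, 'bob' => $bob]);
$bob = change_password($bob, 'bob-pw', 'bob-new-pw');        // the PM row is not rewritten
echo read_pm($pm, 'bob', $bob, 'bob-new-pw'), "\n";
```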

Re: Save private messages encrypted in the database

Posted: Mon Aug 12, 2013 7:58 am
by callumacrae
Someone would just make a mod to read PMs, though

Re: Save private messages encrypted in the database

Posted: Mon Aug 12, 2013 8:11 pm
by Jessica
callumacrae wrote: Someone would just make a mod to read PMs, though
There's a mod in the MOD database that does that...