[DEV] Encrypted PMs

A place for Extension Authors to post and receive feedback on Extensions still in development. No Extensions within this forum should be used within a live environment!
Get Involved
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: Extensions Development rules

IMPORTANT FOR NEEDED EVENTS!!!
If you need an event for your extension please read this for the steps to follow to request the event(s)
User avatar
spaceace
Registered User
Posts: 1857
Joined: Wed Jan 30, 2008 8:50 pm
Contact:

Re: [DEV] Encrypted PMs

Post by spaceace » Sat Jun 29, 2019 12:50 pm

Talk19Zehn wrote:
Sat Jun 29, 2019 12:38 pm
If I am forced to hand over the database to the authority because of a criminal complaint, it must be able to read the contents. :?:
as a board founder, you can always change that user's password and then log into their account to read them which i think should be the only way to read a user's private messages

dingus33
Registered User
Posts: 82
Joined: Fri Sep 29, 2017 11:11 am

Re: [DEV] Encrypted PMs

Post by dingus33 » Sat Jun 29, 2019 12:53 pm

spaceace wrote:
Sat Jun 29, 2019 12:50 pm
Talk19Zehn wrote:
Sat Jun 29, 2019 12:38 pm
If I am forced to hand over the database to the authority because of a criminal complaint, it must be able to read the contents. :?:
as a board founder, you can always change that user's password and then log into their account to read them which i think should be the only way to read a user's private messages
nope, that won't give you access

dingus33
Registered User
Posts: 82
Joined: Fri Sep 29, 2017 11:11 am

Re: [DEV] Encrypted PMs

Post by dingus33 » Sat Jun 29, 2019 1:12 pm

thecoalman wrote:
Fri Jun 28, 2019 1:27 pm
I proposed encrypting PM's in the "Ideas" forum. The one thing I suggested was adding user option for recovery through admin key.
  • Fully private, no recovery possible if you lose your password/key.
  • Fully encrypted on the server. PM's can be recovered by admin in the event you lose your password but they are also readable by admin.


I realize this would require duplicate column for storing PM's encrypted using admin key and additional processing but that would really not be a concern for me.

That said since this in an extension my biggest concern would be support going forward. This is not something you can back out of if support is dropped.
just fyi, you wouldn't need a duplicate column and ~2x the storage requirements.
you could do it like in GPG for example.

first, generate an intermediate key, and encrypt the message with that.
next, for each recipient (probably the main recipient and the admin in this case), encrypt this intermediate key with his key. prepend the results to the encrypted message as a header so that any recipient has access to the intermediate key and therefore to the message.

imo, in this extension, the master (admin) key should be an optional feature, and there's no reason why you couldn't enable/disable it at any time for new messages going forward.

User avatar
Talk19Zehn
Registered User
Posts: 343
Joined: Tue Aug 09, 2011 1:10 pm
Contact:

Re: [DEV] Encrypted PMs

Post by Talk19Zehn » Sat Jun 29, 2019 2:04 pm

Hello spaceace, it's from my assessment not good advice. ;)
viewtopic.php?f=456&t=2515201&start=60#p15281191
as a board founder, you can always change that user's password and then log into their account to read them which i think should be the only way to read a user's private messages
Unbelievable but true: That some operators still go (find) the way or other ways, has been known for years. I generally refuse to read private messages and / or emails.
I will never touch passwords as an operator and commit a criminal offense I will never read conversations in the database.


If PMs are in plain text, the question does not arise for the authority (!). If I would be reported a crime, I must be able to respond.

Please we go back to my questions:
viewtopic.php?f=456&t=2515201&start=45#p15281096
Additional question: Scenario ...
How do the authorities decipher the data in the event of a crime? Is this function ensured?
viewtopic.php?f=456&t=2515201&start=45#p15281181
Hello thecoalman, I'm sorry, I did not understand your answer.
If I am forced to hand over the database to the authority because of a criminal complaint, it must be able to read the contents. :?:
Many greetings
World Meteorological Organization (WMO) Weather - Climate - Water
BTW: My own works - phpBB - read more: ongray-design-de or look here: phpBB VT Theme

User avatar
Mannix_
Registered User
Posts: 489
Joined: Sun Oct 25, 2015 2:56 pm
Contact:

Re: [DEV] Encrypted PMs

Post by Mannix_ » Sat Jun 29, 2019 3:21 pm

Talk19Zehn wrote:
Sat Jun 29, 2019 12:38 pm
Hello thecoalman, I'm sorry, I did not understand your answer.
If I am forced to hand over the database to the authority because of a criminal complaint, it must be able to read the contents. :?:
I don't think you are obligated to give them full access. Giving them the db should be enough it's their job to "crack" it imho
-=-=-=-=-=-=-=-=-=-=-=-=-My Styles-=-=-=-=-=-=-=-=-=-=-=-=-
HexagonHexagonRebornCleanSilverProject Durango
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Want me to port a style to 3.2.x etc. contact me here or on twitter.

User avatar
david63
Registered User
Posts: 16324
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: [DEV] Encrypted PMs

Post by david63 » Sat Jun 29, 2019 5:59 pm

The more that I see of this extension and the more I think about it I cannot ever see it being accepted into the CDB, if for no other reason that it could "cripple" a board.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

User avatar
canonknipser
Registered User
Posts: 2023
Joined: Thu Sep 08, 2011 4:16 am
Location: Germany
Name: Frank Jakobs
Contact:

Re: [DEV] Encrypted PMs

Post by canonknipser » Sat Jun 29, 2019 9:54 pm

David, I'm not sure about that. There is at least another validated extension, which "cripples" the board irevertable, see https://www.phpbb.com/customise/db/extension/phpbbasic/ which deletes the whole forum structure.
Greetings, Frank
phpbb.de support team member
English is not my native language - no support via PM or mail
New arrival - Extensions and scripts for phpBB

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: [DEV] Encrypted PMs

Post by thecoalman » Sun Jun 30, 2019 2:23 pm

Talk19Zehn wrote:
Sat Jun 29, 2019 12:38 pm
Hello thecoalman, I'm sorry, I did not understand your answer.
If I am forced to hand over the database to the authority because of a criminal complaint, it must be able to read the contents. :?:
If that is the law in your country then you would need system that has master key. PM's would still be readable by you or anyone else that has possession of the key including law enforcement if you gave it to them. The one benefit this provides to the user is it would prevent those messages from being read if third party obtained that information such as hacking the server.

Senky
Extension Customisations
Extension Customisations
Posts: 2124
Joined: Thu Apr 30, 2009 8:49 pm
Name: Jakub
Contact:

Re: [DEV] Encrypted PMs

Post by Senky » Mon Jul 01, 2019 7:37 am

david63 wrote:
Fri Jun 28, 2019 9:30 pm
That does raise an interesting point. What happens if the extension is disabled? Can no PMs be read?

@EA117 - Technically when an extension is disabled AND the data deleted it should leave the board in the same state as it was before the extension was enabled.
Only encrypted PMs couldn't be read. Also, when you delete the extensions, you loose the messages. But what extension can provide is a way to decrypt all user PMs. So once admin decides to delete the extension, he can give users a grace period when they are able to decrypt all their PMs. Then he deletes the ext, no harm done.


Talk19Zehn wrote:
Sat Jun 29, 2019 9:20 am
How do the authorities decipher the data in the event of a crime? Is this function ensured?
This isn't possible without at least one user providing his password for the message. Or without "master key" owned by the admin.

User avatar
david63
Registered User
Posts: 16324
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: [DEV] Encrypted PMs

Post by david63 » Mon Jul 01, 2019 8:44 am

Senky wrote:
Mon Jul 01, 2019 7:37 am
Only encrypted PMs couldn't be read.
Yes I appreciate that.
Senky wrote:
Mon Jul 01, 2019 7:37 am
Also, when you delete the extensions, you loose the messages.
Presumably you are only referring to encrypted ones. Cannot see that being a good idea!
Senky wrote:
Mon Jul 01, 2019 7:37 am
But what extension can provide is a way to decrypt all user PMs. So once admin decides to delete the extension, he can give users a grace period when they are able to decrypt all their PMs. Then he deletes the ext, no harm done.
And what happens after the "grace period" if they have not been decrypted?

I was more referring to a situation where the extension is disabled and not deleted. If,say, there was a change made to the core and the extension stopped working and so had to be disabled until a fix was found (or worse case scenario could not be fixed) no encrypted PMs would be able to be read.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

Senky
Extension Customisations
Extension Customisations
Posts: 2124
Joined: Thu Apr 30, 2009 8:49 pm
Name: Jakub
Contact:

Re: [DEV] Encrypted PMs

Post by Senky » Mon Jul 01, 2019 12:38 pm

Well, there just isn't a simple way to restore all encrypted messages with a single click. That would beat all the purpose of the ext.

ivailo95
Registered User
Posts: 715
Joined: Tue Sep 05, 2017 8:00 am
Location: Bulgaria
Name: Ivailo
Contact:

Re: [DEV] Encrypted PMs

Post by ivailo95 » Wed Jul 03, 2019 6:14 pm

where i can download it?

Senky
Extension Customisations
Extension Customisations
Posts: 2124
Joined: Thu Apr 30, 2009 8:49 pm
Name: Jakub
Contact:

Re: [DEV] Encrypted PMs

Post by Senky » Thu Jul 04, 2019 7:50 am

It is in an early stage, no download is provided, yet.

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3259
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: [DEV] Encrypted PMs

Post by thecoalman » Thu Jul 04, 2019 10:44 am

Senky, I know you are early on with this but how difficult would it be to extend this to admin selected custom profile fields? e.g admin creates a hidden phone number field and the data would only be accessible by the admin using a master key. The purpose of such a field for personal data would be for password recovery in the event they lose their email address.

Senky
Extension Customisations
Extension Customisations
Posts: 2124
Joined: Thu Apr 30, 2009 8:49 pm
Name: Jakub
Contact:

Re: [DEV] Encrypted PMs

Post by Senky » Fri Jul 05, 2019 7:01 am

thecoalman wrote:
Thu Jul 04, 2019 10:44 am
...how difficult would it be to extend this to admin selected custom profile fields? e.g admin creates a hidden phone number field and the data would only be accessible by the admin using a master key...
Not very difficult, interesting use case. ;)

Post Reply

Return to “Extensions in Development”