What are you doing for key management on the client side and how does this work together with encrypted fields in Ecto?
How do you manage keys when it comes to teams or organizations, so that members of the organization can access and modify the data?
Any papers or resources you can point me to would be amazing. There are lots of companies doing this kind of work at the moment, but there’s still not a ton of info published on building privacy-preserving apps in this way.
This seems more like entirely a frontend problem, as you don't want the server to actually manage encryption/decryption or the keys, otherwise it defeats the purpose of the server not having access to the data.
LiveSecret does E2EE with Phoenix/LiveView. The implementation might be able to serve as a basis for a more sophisticated app. Happy to answer any questions.
The key management is essentially:
Passphrase is generated in the browser
Secret cleartext is encrypted in the browser
Ciphertext is sent to the server and stored in the DB
Passphrase is never sent to the server. The user of LiveSecret decides how to protect the passphrase.
On the receiving side, LiveView delivers the ciphertext and the receiving user provides the passphrase.
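
The flow listed in the post above, as an added example using the standard Web Crypto API. This is not LiveSecret's code or anything from the original posts. The choice of PBKDF2-SHA-256 with AES-256-GCM, the iteration count, and all function names are assumptions made for illustration.

```javascript
// Added example (not LiveSecret's code). Uses the browser's Web Crypto API;
// the require() fallback only lets the same sketch run under older Node.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const enc = new TextEncoder(), dec = new TextDecoder();
const toB64 = (bytes) => btoa(String.fromCharCode(...new Uint8Array(bytes)));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Step 1: the passphrase is generated in the browser (128 bits from the CSPRNG).
function generatePassphrase() {
  return toB64(wc.getRandomValues(new Uint8Array(16)));
}

// Stretch the passphrase into an AES-256-GCM key (KDF parameters are assumptions).
async function deriveKey(passphrase, salt) {
  const material = await wc.subtle.importKey(
    "raw", enc.encode(passphrase), "PBKDF2", false, ["deriveKey"]);
  return wc.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations: 600000 },
    material, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// Steps 2 and 3: encrypt in the browser; the returned object is everything the
// server receives and stores. It carries salt, IV and ciphertext, no key material.
async function sealSecret(cleartext, passphrase) {
  const salt = wc.getRandomValues(new Uint8Array(16));
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh per message
  const key = await deriveKey(passphrase, salt);
  const ct = await wc.subtle.encrypt({ name: "AES-GCM", iv }, key, enc.encode(cleartext));
  return { salt: toB64(salt), iv: toB64(iv), ciphertext: toB64(ct) };
}

// Receiving side: the server delivers the payload, the user supplies the passphrase.
// A wrong passphrase or altered ciphertext fails the GCM tag check and yields null.
async function openSecret(payload, passphrase) {
  const key = await deriveKey(passphrase, fromB64(payload.salt));
  try {
    const pt = await wc.subtle.decrypt(
      { name: "AES-GCM", iv: fromB64(payload.iv) }, key, fromB64(payload.ciphertext));
    return dec.decode(pt);
  } catch { return null; }
}

// Constructed round trip: `wire` stands in for what is sent to and stored by the server.
async function demo() {
  const passphrase = generatePassphrase();
  const wire = JSON.stringify(await sealSecret("constructed sample secret", passphrase));
  return { passphraseOnWire: wire.includes(passphrase),
           opened: await openSecret(JSON.parse(wire), passphrase),
           wrong: await openSecret(JSON.parse(wire), generatePassphrase()) };
}
```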