Anyone built a Phoenix or LiveView app with client-side encryption?

Anyone have success doing this?

  • What are you doing for key management on the client side and how does this work together with encrypted fields in Ecto?
  • How do you manage keys when it comes to teams or organizations, so that members of the organization can access and modify the data?

Any papers or resources you can point me to would be amazing. There are lots of companies doing this kind of work at the moment, but there’s still not a ton of info published on building privacy-preserving apps in this way.

:wave:

A bit off-topic, but I used GitHub - signalapp/libsignal: Home to the Signal Protocol as well as other cryptographic primitives which make Signal possible. for an iOS app a long time ago with Phoenix Channels. The backend part was pretty “dumb” and all it did was store blobs of encrypted messages and move identity keys and prekeys around.

1 Like

This seems more like an entire frontend problem, as you don’t want the server to actually manage encryption/decryption or the keys, otherwise it defeats the propose of the server not having access to the data.

LiveSecret does E2EE with Phoenix/LiveView. The implementation might be able to serve as a basis for a more sophisticated app. Happy to answer any questions.

The key management is essentially:

  1. Passphrase is generated in the browser
  2. Secret cleartext is encrypted in the browser
  3. Ciphertext is sent to the server and stored in the DB
  4. Passphrase is never sent to the server. The user of LiveSecret decides how to protect the passphrase.
  5. On the receiving side, LiveView delivers the ciphertext and the receiving user provides the passphrase.
  6. The decryption happens in the browser.
1 Like