7
According to everything I researched, and with the help of @Maniero, I came to this conclusion:
"End-to-end encryption is done when only the endpoints have access to the key that will decrypt the content, i.e. the data can even pass through or stay on the server, but it should be there in encrypted form so that it is unreadable and useless data for others."
Honestly, I find this amazing and I am very excited to adapt my application to this kind of encryption. At the moment I use an internal global key to encrypt the data in my database using the AES-128 ECB algorithm.
I will not be able to adapt my entire project to this type of encryption, because otherwise a good part of it would fall apart: "search for users" would be practically impossible to accomplish... anyway, that is not the focus of the question, I just got carried away.
I have a chat where at the moment all of its data is recorded encrypted in the database, and I would like to adapt it to end-to-end. Taking into account that for this a key should be created for each endpoint (the receiving user and the sending user), my three questions are:
- Are there specifications for creating these keys?
- How will I inform the user at the other end of my key so they can decrypt the messages I send?
- My biggest question is: what means of communication can I use between users, websockets?
I believe that you are talking about RSA, but AES and RSA have different purposes and have their respective positive and negative points. Generally speaking, RSA is only interesting when it is intended to share confidential information with third parties through an unsecured channel. The ideal would be to do the encryption with AES (because it is faster) and to exchange the AES key using RSA (public key).
– Tobias Mesquita
@tobymosque Interesting what you said, could you tell me more? I use PHP.
– Elaine
I don't have know-how in PHP, but I can tell you that an HTTPS connection uses SSL, and SSL uses RSA, so you could send your keys via a secure link (HTTPS) and the encrypted file via an unsecured link (HTTP), but in this case it is interesting to use a different Key/IV for each transmission.
– Tobias Mesquita