d0x2f/retro.tools

Encryption

Closed this issue · 0 comments

d0x2f commented

An idea for how to implement this is to use a user provided password to perform encryption and decryption entirely on the front end.

Implementation

When a board is created and if a password is provided, a simple bit of JSON (e.g. { "valid": true }) is encrypted and stored in the board's metadata.

When a board is opened, an attempt is made to read the metadata; if unsuccessful, we know that the board is encrypted and can prompt the user for the password (or use the one given at board creation if the client is the one who created the board).

Once the board is opened and the password is known, all card text can be encrypted with the password before being sent to the server.

When rendering cards, the text will first be decrypted with the known password.

Considerations

Upsides:

  • Confident backend security, as it never sees the unencrypted data or the password.
  • Easy to independently verify by inspecting what's sent to and received from the server using the browser.
  • Easy to understand for a user, simply share the password to those you wish to share the board with.

Downsides:

  • Meta info such as card count, text length and vote numbers can be discovered.
  • Browser support for encryption methods may be spotty.
  • An attacker has access to many small encrypted samples which can help in attempts to crack the key.