Use of secure storage for locally stored keys

[mark-loveless]

Currently:

The e2e encryption keys and client-side pem are stored locally on the client in a sqlite database. If an adversary could get to the database they could replace the key with one of their choosing, compromising future communications. Additionally if an adversary has recorded the encrypted session via sniffing they can replay the session if they can obtain the client key. This may violate other participants' rights or even possibly violate communication laws since they are "recording" the meeting without notification of the other participants.

Proposed:

Use of hardware-based secure storage such as Secure Enclave/Keymaster etc. The main problem I see with this would be clients running on hardware that does not support it, so adjustments would have to be made to accommodate client devices that do not support hardware-based secure storage.

[karanlyons]

We plan to make use of native OS and hardware level support for secure key storage, but opted not to expound on these details in the current draft in order to focus on the novel aspects of the protocol.