Brainstorming/SekritFerret

From Woozle Writes Code
Revision as of 13:21, 31 July 2017 by Woozle

About

SekritFerret is a module for securely storing and sharing sensitive information; the primary usage is passwords, but it is intended to accommodate other information as well.

A key mechanism is that all sensitive information is encrypted using a public key, where the private key is never stored on the server. Each user has their own public/private key pair. The user enters the private key manually when decryption is needed. (Optionally, we might have a mode where the private key is stored in the browser as a cookie, allowing the server to automatically decrypt things without the user having to repeatedly enter it.)

When a user (Alice) wishes to share selected sensitive information with another user (Betty), the server decrypts Alice's information with Alice's submitted private key, then encrypts it using Betty's public key (stored on the server) and saves the result to Betty's data area. This prevents the data from ever being stored on the server in a way that would permit decrypting with no additional information.
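The store-and-share flow described above, as an added sketch in Node.js (not SekritFerret code; the page specifies no language or API). The function names `register`, `put`, `get` and `share`, the in-memory `server` object, RSA-OAEP with SHA-256 and the sample key path are all assumptions made for illustration; the per-pair `encrypted` flag follows the page's requirements list.

```javascript
// Added illustration; every name here is hypothetical, not SekritFerret's API.
const { generateKeyPairSync, publicEncrypt, privateDecrypt, constants } = require("node:crypto");

// Assumed cipher choice: RSA-OAEP/SHA-256. With a 2048-bit key this fits values up to 190 bytes.
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Everything the server persists: public keys and per-user data areas. No private keys.
const server = { publicKeys: {}, data: {} };

// Create a key pair. The server keeps the public half; the private PEM goes to the user.
function register(user) {
  const { publicKey, privateKey } = generateKeyPairSync("rsa", {
    modulusLength: 2048,
    publicKeyEncoding: { type: "spki", format: "pem" },
    privateKeyEncoding: { type: "pkcs8", format: "pem" },
  });
  server.publicKeys[user] = publicKey;
  server.data[user] = {};
  return privateKey; // never written into server state
}

// Store a key-value pair; the user chooses per pair whether it is stored encrypted.
function put(user, key, value, encrypted) {
  const stored = encrypted
    ? publicEncrypt({ key: server.publicKeys[user], ...OAEP }, Buffer.from(value, "utf8")).toString("base64")
    : value;
  server.data[user][key] = { encrypted, value: stored };
}

// Read a pair. Encrypted pairs require the private key submitted with the request.
function get(user, key, privateKeyPem) {
  const pair = server.data[user][key];
  if (!pair.encrypted) return pair.value;
  return privateDecrypt({ key: privateKeyPem, ...OAEP }, Buffer.from(pair.value, "base64")).toString("utf8");
}

// Share: decrypt with the sender's submitted private key, re-encrypt to the recipient's
// stored public key, save in the recipient's data area. The private key and plaintext
// exist only in memory for the duration of this call and are not persisted.
function share(fromUser, privateKeyPem, toUser, key) {
  const plaintext = get(fromUser, key, privateKeyPem);
  put(toUser, key, plaintext, server.data[fromUser][key].encrypted);
}
```

For example, `share("alice", alicePem, "betty", "example.com/alice/password")` leaves a copy in Betty's data area that only Betty's private key can open, while Alice's own copy is unchanged.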

Requirements

  • data is key-value pairs
  • user must be able to choose which pairs should be stored encrypted
  • user must be able to organize pairs in a hierarchy
    • e.g. under a site name, there may be multiple user accounts; each user account would have a single password and possibly other information
  • ideally, should support other types of information such as dates, URLs
  • should maintain an edit history for each pair