Encrypt Chat Messages Stored In Firebase Database
I am making an application in which chatting is also a feature for which I am using firebase realtime database. Though all the data stored in firebase is via SSL but I want that even the administration is not able to see that messages. I thought of implementing the end-to-end encryption by using the public and private key architecture, but storing the private key on device won't be good as a new private key will be created when the phone is uninstalled or even when the app is used in another device and also previous messages won't be decrypted.
I also thought of, if the new messages could be encrypted with the new private key, when generated, and storing the previous chat history in google drive or iCloud as backup, but since this not entirely a chat application I think this won't be feasible.
http://www.geero.net/2017/05/how-to-encrypt-a-google-firebase-realtime-database/
I also went through this article but again the keys will be with the administration.
How should I proceed ?
Answer
I recomend you to encrypt your messages with AES. And you should not store the secret key on devices. Otherwise, users can make key agreement to generate shared secret key, using Diffie-Hellman key exchange algorithm: https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
Related Questions
- → should I choose reactjs+f7 or f7+vue.js?
- → Phonegap Android write to sd card
- → Local reference jquery script in nanohttpd (Android)
- → Click to navigate on mobile devices
- → How to allow api access to android or ios app only(laravel)?
- → Access the Camera and CameraRoll on Android using React Native?
- → React native change listening port
- → What is the default unit of style in React Native?
- → Google play market autocomplete icon
- → Warning: Each child in an array or iterator should have a unique "key" prop. Check the render method of `ListView`
- → Using Laravel with Genymotion
- → react native using like web-based ajax function
- → react native pdf View