This repository has been archived by the owner on Dec 27, 2023. It is now read-only.

Add Secure Sharing of Keys #35

Open
smcgregor opened this issue Feb 23, 2015 · 8 comments

@smcgregor
Member

Mobile applications are an ideal way to transfer keys from one trusted device to another. In this project you would be building out this functionality for integration with the Privly family of applications. The ideal proposal would include key exchange with NFC and/or QR codes. The challenge with this project will not be to build communication for key exchange, but to properly integrate the exchanged keys with the rest of the architecture. One potential process would be to:

  1. Two users select "exchange contacts" in the Android application
  2. The users place their phones near each other and keys are exchanged
  3. The exchanged key is signed by the mobile device and pushed to the user's key exchange storage (the content server would work here, but this could equally be Twitter or email)
  4. The exchanged key is also stored to the local storage of the webview so privly-applications can benefit from the newly trusted contact.
  5. When the user encounters the shared key from the content server (or Twitter/email) on the browser version of the extension, the key is synced to the browser.

This is intended to be the discussion point for project proposals.

@vshivam
Member

vshivam commented Feb 24, 2015

So, the first step will be to implement a secure local storage of keys which could be synced with the server and be accessible to local Privly applications as well?

@smcgregor
Member Author

smcgregor commented Feb 24, 2015 via email

@akki12345

@smcgregor you say store the keys in the local phone storage context of the web view... this is done. So now what we have to do is... syncing the collection of keys between devices with a QR code and any type of password (the syncing part is like a Google sync).

@smcgregor
Member Author

The purpose of the last point is to allow for synchronization between the mobile app and the desktop's browser extensions. This could be accomplished in several ways, but the most important aspect is that the keys not be imported to the desktop unless they are trusted by the phone. This will be easy if the desktop and the mobile already share a private key, so it may be better to concentrate on transferring private keys between devices.

@smcgregor
Member Author

Private keys need to remain private. If you share the key via Dropbox or Google Drive, then Dropbox and Google Drive also have the private key.

@smcgregor
Member Author

One potential approach would be to have a QR code displayed by the desktop that contains a key and an identifier. The QR code key would encrypt the mobile's private key in transit and would be destroyed immediately after the private key is decrypted. The identifier would allow both parties to identify their communications channel.

A similar approach could be used for mobile to mobile and desktop to mobile key transfer.
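
The QR-code approach from the comment above, sketched as an added example that is not part of the original thread or Privly's code. It assumes AES-256-GCM and Node's `crypto` module; the function names, the JSON payload layout and the in-memory session map are illustrative choices.

```javascript
const crypto = require("crypto");

// Desktop: open a one-time channel. The returned string is what the QR code
// would encode, so anyone who can photograph the screen learns the key.
function createSession(sessions) {
  const id = crypto.randomBytes(16).toString("hex");   // channel identifier
  const key = crypto.randomBytes(32);                  // one-time AES-256 key
  sessions.set(id, key);
  return JSON.stringify({ id, k: key.toString("base64") });
}

// Mobile: after scanning, encrypt the private key under the QR key.
// The channel id is authenticated as AAD, binding the blob to this channel.
function wrapPrivateKey(qrPayload, privateKeyPem) {
  const { id, k } = JSON.parse(qrPayload);
  const key = Buffer.from(k, "base64");
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  c.setAAD(Buffer.from(id, "utf8"));
  const ct = Buffer.concat([c.update(privateKeyPem, "utf8"), c.final()]);
  key.fill(0);                                         // mobile's copy is done
  const b64 = (b) => b.toString("base64");
  return { id, iv: b64(iv), ct: b64(ct), tag: b64(c.getAuthTag()) };
}

// Desktop: find the channel by id, decrypt, and destroy the QR key whether or
// not decryption succeeds, so each QR code is good for exactly one attempt.
function unwrapPrivateKey(sessions, msg) {
  const key = sessions.get(msg.id);
  if (!key) throw new Error("unknown or already-used channel");
  sessions.delete(msg.id);
  try {
    const d = crypto.createDecipheriv("aes-256-gcm", key, Buffer.from(msg.iv, "base64"));
    d.setAAD(Buffer.from(msg.id, "utf8"));
    d.setAuthTag(Buffer.from(msg.tag, "base64"));
    const pt = Buffer.concat([d.update(Buffer.from(msg.ct, "base64")), d.final()]);
    return pt.toString("utf8");
  } finally {
    key.fill(0);
  }
}

// Constructed sample input: a placeholder, not a real key.
const SAMPLE_KEY = "-----BEGIN PRIVATE KEY-----\n(constructed)\n-----END PRIVATE KEY-----";
const sessions = new Map();
const received = unwrapPrivateKey(sessions, wrapPrivateKey(createSession(sessions), SAMPLE_KEY));
console.log(received === SAMPLE_KEY, sessions.size); // true 0
```

The message returned by `wrapPrivateKey` is the only thing that crosses the untrusted channel (content server, email and so on); the key itself travels only through the QR code.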

@mkash32
Contributor

mkash32 commented Feb 29, 2016

Would it be a good idea to maintain the private key in the Privly database so that the private key will be associated with the user? In this manner transferring of the private key wouldn't be needed (only public keys of trusted contacts would need to be transferred). The private key could be symmetrically encrypted with the user's password so it would be secure on the Privly server also.
I was thinking about the situation where a user creates the private key through the mobile device and distributes the public key to his/her friends. If the user happens to delete the app then the private key info is lost. If the user's friends try to send any messages using his public key then it won't be possible to decrypt those messages. Then the user would have to generate another private-public key and redistribute to all of his/her friends.

@smcgregor
Member Author

Yes, key loss is a huge issue. It could be good to have a backup, it depends on the specifics of the implementation. It is difficult to comment more specifically without a more concrete proposal.
