Data encryption

0 like 0 dislike
9 views
The essence of the problem:

To ensure the exchange of data (text) in encrypted form between the user group.

To encrypt data on the client side directly in the browser (JS or Flash).

The data on the server are only in encrypted form, so that even the administrator could not access them.

Question two:
1. What encryption method should I use?
2. What about encryption keys?

Thank you!
by | 9 views

5 Answers

0 like 0 dislike
Without taking into account the existence of the implementation of particular protocols in js or flash, so as not encountered, I can advise to read Schneier "applied cryptography". In the same scheme and key exchange, and other utility. Or ask a question try to answer in more detail.
by
0 like 0 dislike
The main problem I think is the key exchange and user authentication. In your case, I think, to authenticate all authorized clients need either a trusted third party for storing certificates; or the possession of some shared secret information in advance of communication over an insecure channel; or direct access to each other, without the server, to minimize the possibility of compromise of the communication channel.
\r
As I see it, although, of course, I could be wrong.
1. A trusted third party needs to publish certificates or public keys to clients. You can use ssl.
2. General information, this is the symmetric encryption key or an asymmetric private key or any other secret information, proof of the possession of which will enable to authenticate the client.
3. Alternative communication channel which will allow the exchange to authorized users with keys without intermediaries in the form of servers.
\r
And then the user simply encrypts the information and places on the server.
by
0 like 0 dislike
If all users use Firefox, you can use one of the designed for encryption Addons.
by
0 like 0 dislike
If the data on the server, only stored and not require decoding, then the client encrypt whatever password/key provided by the client, pass to server. Without the key to decrypt will be difficult. Back the client receives encrypted info, enters the key and decrypts. The key of course to the server, not transmitted.
For example www.mozilla.com/en-GB/firefox/sync/ does that.
by
0 like 0 dislike
The key is to transfer p2p?
by

Related questions

0 like 0 dislike
4 answers
0 like 0 dislike
1 answer
asked Mar 23, 2019 by mihavxc
0 like 0 dislike
4 answers
0 like 0 dislike
5 answers
0 like 0 dislike
7 answers
110,608 questions
257,186 answers
0 comments
28,661 users