End-to-end encryption #12
Comments
darkdragon-001
added a commit
to darkdragon-001/Pad
that referenced
this issue
Jun 22, 2020
Cryptography - Use AES-GCM-256 for encryption - Use PBKDF2 with SHA-256 and 100000 iterations for key derivation Behavior - A human-readable password will be automatically be generated when not set - The password will be appended to the URI as fragment #password - The IV (12 bytes) is prepended to the ciphertext - Everything is base64 encoded (33% overhead) - Update is disabled when encryption fails to avoid overwriting Fixes petercunha#12
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Append client-generated password used to encrypt the note and traffic as fragment
#something.I can provide you some sample code, once my question on StackExchange is answered.
It would also be possible to use a human-readable password which the users has to enter in a textbox such that it is not shown on screenshots. Key derivation should be used in this case.
The text was updated successfully, but these errors were encountered: