@penafieljlm
Created July 18, 2017 15:13
  • Each user gets a symmetric key, a private key, and a public key
  • Symmetric key = encrypts the data that only the user needs to see
  • Private key = decrypts the data shared with the user
  • Public key = encrypts the data shared with the user
  • The symmetric key is encrypted with a key derived from the user's password using PBKDF2
  • The private key is encrypted with the user's symmetric key
  • Generate recovery codes for the user and encrypt copies of the symmetric key using these recovery codes
  • Encrypt the user's symmetric key using the organization's public key as a key backup mechanism
  • Store the organization's private key in a password manager or something
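
The scheme above, sketched with Node.js's built-in crypto module as an added example (not the gist author's code). AES-256-GCM, RSA-2048 with OAEP, the PBKDF2 iteration count, and every function and field name here are assumptions, since the notes do not fix them.

```javascript
// Added example: key hierarchy from the notes above (all names are hypothetical).
const crypto = require('crypto');

// AES-256-GCM wrap/unwrap (assumed cipher); blob layout is iv || tag || ciphertext.
function wrap(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function unwrap(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on wrong key
}
// PBKDF2-HMAC-SHA256 to a 32-byte key-encryption key; 600000 iterations is an assumed value.
const kdf = (secret, salt) => crypto.pbkdf2Sync(secret, salt, 600000, 32, 'sha256');

// Builds the server-side record; recovery codes are returned once and never stored.
function enroll(password, orgPublicKey, recoveryCount = 2) {
  const symKey = crypto.randomBytes(32);
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const salt = crypto.randomBytes(16);
  const codes = Array.from({ length: recoveryCount }, () => crypto.randomBytes(16).toString('hex'));
  const record = {
    publicKey: publicKey.export({ type: 'spki', format: 'pem' }),
    salt,
    symKeyByPassword: wrap(kdf(password, salt), symKey),
    privateKeyBySymKey: wrap(symKey, privateKey.export({ type: 'pkcs8', format: 'der' })),
    symKeyByRecovery: codes.map((code) => wrap(kdf(code, salt), symKey)),
    symKeyByOrg: crypto.publicEncrypt({ key: orgPublicKey, oaepHash: 'sha256' }, symKey),
  };
  return { record, codes };
}

const unlockWithPassword = (record, password) =>
  unwrap(kdf(password, record.salt), record.symKeyByPassword);
function unlockWithRecovery(record, code) {
  const kek = kdf(code, record.salt);
  for (const blob of record.symKeyByRecovery) {
    try { return unwrap(kek, blob); } catch (e) { /* this copy belongs to another code */ }
  }
  throw new Error('invalid recovery code');
}
const orgRecover = (record, orgPrivateKey) =>
  crypto.privateDecrypt({ key: orgPrivateKey, oaepHash: 'sha256' }, record.symKeyByOrg);
function loadPrivateKey(record, symKey) {
  const der = unwrap(symKey, record.privateKeyBySymKey);
  return crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
}
```

A password change only needs `symKeyByPassword` re-wrapped under the new derived key; the data, the private key, and the recovery and organization copies stay as they are.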