PubNub is a HIPAA-compliant instant messaging platform that supports message and file encryption using AES-256-CBC.
The provided encryption is flawed: it drops half of the entropy from the encryption key; effectively, half of the encryption key is constant.
The getKey function does a SHA-256 on the provided key string to make it the required 256-bit (32-byte) length for AES-256. Then it's hex encoded, doubling the length in bytes, then trimmed to 32 bytes. Due to hex encoding and trimming, half of the bits in the key are always the same for every encoded message or file.
https://github.com/pubnub/javascript/blob/master/src/crypto/modules/web.js#L70
```javascript
async getKey(key) {
  // Hash the user-supplied cipher key down to 32 bytes (256 bits).
  const bKey = Buffer.from(key);
  const abHash = await crypto.subtle.digest('SHA-256', bKey.buffer);
  // Hex-encode the digest (64 ASCII chars), keep the first 32 chars and use their
  // UTF-8 bytes as the AES key: every key byte is now one of "0-9a-f", so each
  // carries only 4 bits of entropy and the 256-bit key has 128 bits of strength.
  const abKey = Buffer.from(Buffer.from(abHash).toString('hex').slice(0, 32), 'utf8').buffer;
  return crypto.subtle.importKey('raw', abKey, 'AES-CBC', true, ['encrypt', 'decrypt']);
}
```
SDK users can use their own encryption before sending data to `publish` methods if the built-in encryption doesn't work well for them. We have certain changes on the roadmap, which should let users specify their own modules for crypto, network, and JSON parsing – but all this can apply only to new users. Encryption / decryption can't be changed that easily because it will affect existing users, and they will lose access to already generated data stored in history.
New users without apps in production will be able to use the new approaches, but old customers will stay on the old one (disabling the new approach with configuration flags), because it is impossible to make all app users update all at once, and some old versions won't be able to process received data.