Score:1

Protect messages in online messaging system

my flag

On a website, I would like to implement a system where users can message each other. The content of the messages should be protected against attackers that are trying to read them.

My first thought was to use a public/private key pair for each user and encrypt the private key with the password of the user. In this way, a hacker gaining access to the database would not be able to decrypt the messages.

On the other hand, users frequently forget their passwords and need to reset them. This would then have the effect that all past messages are lost.

There is probably a better solution for the whole process and I am just thinking in the wrong direction. Can somebody guide me?

DannyNiu avatar
vu flag
Obligatory [meta discussion](https://crypto.meta.stackexchange.com/q/1566/36960), an answer will follow soon.
my flag
@DannyNiu Thank you. I am not trying to compete with anyone, I am just trying to add something to an organisation internal web site. I just want it it make easy and secure for the users, well integrated into the existing platform.
Score:1
vu flag

I'd suggest using pure access control for security.

Using public-key cryptography to protect user communication is very complicated, and have more subtle pitfalls than just users losing their message when resetting passwords.

For example, even if the communication between users are secure, you still have to protect your users from spams within your service systems. You can pre-scan the message texts sent by users before you let the other user receive it, and this is surely not doable if you encrypt user messages first.

Pure access control can get right, systems can be made secure against known attacks from hackers, you just need to spend more and constantly more effort in ensuring you follow best industry practice (e.g. using PKC to log into your administration account on the server, set DAC and MAC access control properly on your database, etc.)

Pure access control can be efficient. Using too much cryptography can complicate your security argument; but access control is often more consistent, and is efficient, both when configuring it, and when enforcing it.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.