End to End Encypted Messaging in a Cloud Chat Environment

Picture this.

Bob and Alice want to talk. Bob and Alice both have $service clients. One $service server exists.

Bob and Alice both sign into the clients, and a PGP key is generated for each. The server caches the public key. When Bob wants to message Alice, his client requests her public key, and encrypts the message, for both his key, and hers. The server caches the ENCRYPTED copy of the message, and then sends the message on to Alice. Now, if Alice accidentally deletes the message, she can request a cached copy from the server, and all is well. Alice and Bob are still the only ones who can read the message.

Sounds a lot like email with PGP as it is today, right?

What happens if you want message replication across multiple devices?

Message replication across multiple devices, with End to End Encrypted Chat

Alice buys Device2. She logs into the client on $Device2. Device2 generates a NEW key, sends the public key to the server, and sees that Alice already has a key and registered device. Device2 requests to access the messages on Device1. Device1 gets a push notification requesting access for Device2. If Alice says yes, Device1 pulls down the Device2 public key, reencrypts the message for all current valid keys, and for the Device2 key as well. Device1 pushes them to the server, overwriting the existing cache, and flagging Device2’s key to be used for future conversations as well. Bob’s client sees the new key for Device2 flagged, downloads the public key, and starts encrypting all new messages. Device2 receives all the cached, resigned messages, and all new messages going forward.

If all of Alice’s devices get wiped, Alice’s Device3 can request the messages from Bob. If Bob accepts, Bob’s client will reencrypt all the messages for Device3, and refresh the server cache so Device3 can keep going. Alice can also mark Device1 and Device2 as having invalid keys.

Potentially, a master key could be generated as well, for signing device keys, and providing a verifiable chain of trust, similar to how folks sign new PGP keys with their old ones before they expire.

Group Chat

Similar procedure could be used for group chat, kind of like an E2E IRC. Everyone in the room would automatically pull keys for everyone else and encrypt for the Room list.

Closing Thoughts

Please note, this is just a rough sketching out of an idea.

The basic concepts already exist, in PGP, OTR, and so forth, though I have yet to see it implemented in a “Cloud Chat” type setup, a la hangouts, telegram, etc. Very long message histories could be problematic in this scenario, as encryption/decryption can still be fairly intensive in regards to computational time. On the server end, this wouldn’t be a problem, but we want END TO END encryption, meaning all E/D occurs on the client devices, which in the modern world are mostly phones.

I plan to implement this in a service at some point, and work out the kinks. I’m just lazy.


Written on May 2, 2018