Suggestion: Document the cryptosystem used to encrypt notes in the database. #4
Assignees
Labels
documentation
Improvements or additions to documentation
Comments
|
Hello @virtadpt Where would you like to see this information being documented?
|
|
At https://alextselegidis.com/get/plainpad would be good, because that's the first place folks are likely to look (or google). A comment in the source code would also be helpful, because technical users are likely to go grepping through the files looking for hints as to what is used (as I did). |
alextselegidis
added
the
documentation
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As far as I can tell, Plainpad's app/Models/Note.php module uses Laravel's lluminate\Support\Facades\Crypt class. Some research suggests that the Crypt module implements AES-128 and AES-256, though I haven't found anything definitive about this, nor have I found the cipher mode that it implements (ECB (I hope not)? OFB? CBC?) It would be very helpful to know for sure what was used and how to come up with a threat model for Plainpad.
The text was updated successfully, but these errors were encountered: