-
Notifications
You must be signed in to change notification settings - Fork 164
Encryption
Cypht encrypts data on the server by default, which means that data saved on the server between logins is encrypted, as well as session data that is maintained on the server while you are logged in. Cypht also supports using a database for authentication, so we need to properly hash stored passwords for security (technically not encryption, but relevant enough to be included in this page). If libsodium is available on the system, Cypht will use it for all encryption/password hashing routines. We do not use the deprecated PHP Mcrypt library, instead opting for OpenSSL. If the PHP random_bytes function is not available, we use the random_compat library.
This data is encrypted with AES-256-CBC, encrypt-then-MAC, and PBKDF2 key derivation. The session encryption key is a long random string generated on login and stored in a secure cookie. The persistent data encryption key is your clear text password to Cypht (stretched with PBKDF2). This ensures that the key is not available on the same server as the encrypted data, and that each user has a unique key value. It is not possible to recover a user's permanent settings if the password is lost.
Passwords are hashed with PHP's password_hash if avilable, otherwise they are hashed with 86000 rounds of PBKDF2 with a salt.
Cypht should be run over TLS, but because private data like the contents or an E-mail are always sent using AJAX requests, you can optionally encrypt these. We use the same encryption configuration as we do for sessions and settings, and the payload is converted in the browser using forge.js. The encryption key is a long random string embedded in the HTML of the page that made the AJAX request.
Cypht uses local storage as a cache for HTML snippets including message lists and E-mail contents. This can optionally be encrypted and uses the same process and key as AJAX request encryption.