
Comments (6)

MeanMangosteen commented on August 24, 2024

A secret bundle can be encrypted with multiple keys at rest. That is, a bundle will be encrypted with the key of every node that the bundle is shared with. We also need to look at how to send the encrypted bundle in transit. Look into how git implements transmission of repos. Look also at TLS encryption, which is used more often for data in transit.

from polykey.

MeanMangosteen commented on August 24, 2024

There also needs to be a sort of a handshake when pulling a bundle: the puller needs to prove to the owner of the bundle that it has a private key that is able to decrypt the bundle, so it can send a signed message.

from polykey.

MeanMangosteen commented on August 24, 2024

from #13

Imagine two keynodes A and B have synced a particular vault. Now A wants to update/add secrets and does not want those secrets to be shared. Since the vault key for this vault is still the same, if B manages to somehow get the encrypted, updated version of the vault it will be able to decrypt it. We need to avoid this issue.

This can be done by never sharing the vault key. There is no need. A vault key should only be used for encryption of secrets at rest for a particular keynode and only that keynode. This means each keynode will maintain its own private vault key (still symmetric) for each vault.

But how will a keynode be able to decrypt the vault on synchronisation? It won't. We are using git for transmission, occurring in the upper dir, which is sandboxed and secure. The transmission channel itself is secured using TLS. The vault is now in the recipient's upper dir, once again secure. So at no point during the transmission of the decrypted vault from upper dir to upper dir is the security violated. Once in the upper dir, the recipient can encrypt it with its own vault key and persist it.
--

from polykey.

MeanMangosteen commented on August 24, 2024

A secret bundle can be encrypted with multiple keys at rest. That is, a bundle will be encrypted with the key of every node that the bundle is shared with.

Just in case it wasn't clear with the previous comment, ^^ this is not the case anymore. It will only be encrypted with one key. That key is the keynode's symmetric vault key.

from polykey.

robert-cronin commented on August 24, 2024

Git vault sharing was implemented in PR #43

from polykey.

robert-cronin commented on August 24, 2024

Authentication is done via SSL certs and a secure gRPC connection; template authorisation is done in the vault itself by storing a list of pubKeys that can access the specified vault. A better authorisation model can be implemented at a later date.

from polykey.
