|
|
|
|
|
|
by deidei
1225 days ago
|
|
|
>What are you going to do to keep the key safe in the scenarios of your threat model where an adversary can access the DB contents? One option that I have been thinking is -
1. When user signs up, generate an encryption key and ask the user to save it securely. (With the warning that in case this key is lost, the user would have to configure the Client Secrets again)
2. Whenever the user makes an API call that involves reading/writing sensitive data, require him to provide the encryption key as well. Here I won't store any encryption key on the server side and only the user will be able to decrypt the data. |
|
|