Security Recommendations for CryptPad
During the writing of the cryptography white paper, we discovered multiple issues and limitations in the current version of CryptPad. While none of them are classified severe, requiring immediate action, or posing a serious threat for users, they nevertheless should be addressed.
In this document, we list the problems, show their consequences, suggest how to fix them and outline possible drawbacks. We classified them into three different categories: short-term improvements that can be done immediately within the current version of CryptPad, mid-term improvements that require the introduction of a new version of the encryption schemes, and long-term improvements that can only be addressed with architectural changes.
The file
prng.js
sketches the idea of generating an “infinite”
stream of derived seeds.
Short term improvements
- Asynchronous Cryptography Functions
- Contact Verification
- Encourage non-default instance salt
- Enforce Self-Destructing Links
- Limit Login Block Size
- More Entropy for Login Keys
- Name of Team Roles
- Prevent replay of old patches
- Thumbnails of Destroyed Documents
- Update TweetNaCl