0

I'm looking to implement end-to-end encryption for messages sent between users in my Laravel app. I want to encrypt these messages in a way that they are only viewable by the sender and receiver (just like in secure messaging apps like WhatsApp). No one else can read them, including admins or dbas.

How would I go about doing this?

I should also mention that the messages will be sent through the browser to the server by a JavaScript AJAX request and pushed to the other user by Node.js / socket.io setup.

John1984
  • 917
  • 2
  • 13
  • 23
  • 1
    This question really needs an answer, I've been searching a lot of websites trying to find a way to implement E2EE properly, and only thing I found was an abandoned project with unordered things and not working. People need to know how to implement a REAL E2EE application, eg: a chat or even a simple login or data sharing. I found some articles about Diffie Hellman, but that's just a part of what E2EE is. This question MUSTN'T have that downvotes, need a proper solution. You may say that @John1984 didn't searched anything, but the thing is, there is nothing... – Máxima Alekz Jun 10 '20 at 20:30

1 Answers1

1

Would be helpful if you have posted some examples that you have tried. Here are the steps that you can follow to achieve it.

Step 1. You will have to establish a private chat between Client and server. An example can be seen here: Creating a private chat between a key using a node.js and socket.io

Step 2. Add encryption/decryption logic for the messages at Client side. Here is a logic for the same: https://github.com/sytelus/CryptoJS

Community
  • 1
  • 1
Srikanth Jeeva
  • 3,005
  • 4
  • 38
  • 58
  • 2
    This isn't E2EE, and link only answers are also a poor way to answer questions. – Luke Joshua Park Nov 15 '16 at 21:41
  • Why is this approach not E2EE? encryption and decryption logic is only in the client side. The ISP or DBA will not know actual message. – Srikanth Jeeva Nov 15 '16 at 22:58
  • It is really hard to get right with E2EE, so any answer is not bad, unless someone comes with a proper solution, if not then all small answers can't be taken as bad, how could you say this is not a way if there isn't a proper solution yet? – Máxima Alekz Jun 10 '20 at 20:32