Key management for End-to-end encryption for Chat application

Çağlar Arlı

I want to implement end-to-end encryption in my chat application (available on Android, iOS and web). For that, I have the following mechanism in mind.

  • Generate key pairs (private key and public key) on sign-up
  • Send the public key to the server (AWS)
  • Using another key pair, the server will encrypt and store the public key
  • When another user wants to send a message, the server will provide the encrypted public key and the other user will encrypt with his private key
  • The server will decrypt that message with its own key pair, which was generated in the 3rd step
  • The server sends the updated message to the first user, and he will decrypt it with his private key

Is this proper, or do I need to update anything in it?
My main question is: how can I manage private keys? Where do I need to store the private key? On the user's device? Then what if he logs out and logs in on another device?
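
One common arrangement for the key flow asked about, as an added example that is not part of the original post and differs from the listed steps in that the server never decrypts anything: private keys are generated on the device, the server stores public keys as they are and relays ciphertext, and a passphrase-wrapped backup lets a second device restore the private key. It assumes Node.js's built-in `crypto` module (X25519, HKDF, AES-256-GCM, scrypt); all function names and sample values are hypothetical.

```javascript
// Added example, not from the original post; all function names are hypothetical.
const crypto = require('crypto');

// Device: generate an X25519 key pair at sign-up; only publicKey is uploaded.
const newIdentity = () => crypto.generateKeyPairSync('x25519');

// Both ends derive the same AES key from their own private key and the peer's public key.
function sessionKey(myPrivate, theirPublic) {
  const shared = crypto.diffieHellman({ privateKey: myPrivate, publicKey: theirPublic });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'chat-msg-v1', 32));
}

// AES-256-GCM with a fresh nonce per message; output is nonce || tag || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws if tampered
}

// Wrap the private key under a passphrase-derived key, so the server can hold
// a backup it cannot read and another device can restore the key after login.
function wrapPrivateKey(privateKey, passphrase) {
  const salt = crypto.randomBytes(16);
  const kek = crypto.scryptSync(passphrase, salt, 32);
  return { salt, blob: seal(kek, privateKey.export({ type: 'pkcs8', format: 'der' })) };
}

function unwrapPrivateKey(backup, passphrase) {
  const kek = crypto.scryptSync(passphrase, backup.salt, 32);
  const der = unseal(kek, backup.blob);
  return crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
}

// Constructed run: the "server" object holds only public keys and the wrapped backup.
function demo() {
  const alice = newIdentity(), bob = newIdentity();
  const server = { alicePub: alice.publicKey, bobPub: bob.publicKey,
                   bobBackup: wrapPrivateKey(bob.privateKey, 'bob-passphrase') };
  const relayed = seal(sessionKey(alice.privateKey, server.bobPub), 'hello bob');
  const restored = unwrapPrivateKey(server.bobBackup, 'bob-passphrase'); // new device
  return unseal(sessionKey(restored, server.alicePub), relayed).toString();
}
```

Static key agreement as shown gives no forward secrecy and does not authenticate the public keys the server hands out. Deployed messengers add out-of-band key verification and per-message key ratcheting on top of this.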