• caglararli@hotmail.com
  • 05386281520

Key management for End-to-end encryption for Chat application

Çağlar Arlı      -    36 Views

Key management for End-to-end encryption for Chat application

I want to implement end-to-end encryption on my chat application (available on android, iOS and web). For that I've following mechanism in mind.

  • Generate Key pairs (Private key and Public key) on sign up
  • Send Public Key to Server (AWS)
  • Using another Key pair server will encrypt and store public key
  • When Another user wants to send message server will provide encrypted public key and another user will encrypt with his private key
  • Server will decrypt that message with own key pair which was generated on 3rd step
  • Server sends updated message to first message and he will decrypt with his private key

Is it proper or do I need to update anything from it?
My main question is that how can I manage private keys? Like Where do I need to store private key? on user's device? then what if he logs out and login to another device?