Desktop: Have a button that shows the E2E code

Do we really want that anybody that has access to the computer can see the encryption passphrase?
I understand this as showing it once a time and then it is the responsibility of the user to keep it safe, just like other passwords. We also do not show the current password on the web ui ;-)

If anyone can ask the password for the files then there's no security after all. I feel this is a non issue.

Agreed with comments above: this is not an issue. I will close it.

Sorry guys, this is explicitly how we designed the end-to-end encryption, read the design document ;-)

We assume user makes mistakes. Forgetting or not writing down a 12 word passphrase is mistake nr 1 you can expect and the result of that should not be that you can't add other devices and effectively have to create a new user account.

Yes, you have to create a completely new user account and you lose all your shares, settings, history and everything else if you lose your mnemonic because we pin user certificates and don't allow a new identity for users for security reasons...

https://github.com/nextcloud/end_to_end_encryption_rfc/blob/master/RFC.md#handling-of-complete-key-material-loss
-> every device has to be able to recover the mnemonic. Heck, Tobias even created an issue to be able to show mnemonic to the user in the form of a Qr code: https://github.com/nextcloud/client/issues/152

So yes, this is a must-have feature: show the mnemonic so I can add a new device, like a new desktop, or mobile phone.

And yes, our design is not protecting users from theft of a device. If a thief has access to all the user files (....) the access to the mnemonic is the last of the users' worries. A device has to be properly protected. Also note we store the mnemonic in the device key storage (or, we are supposed to according to the design doc) which generally is encrypted.

Yes I already pointed to the RFC but...

We assume user makes mistakes. Forgetting or not writing down a 12 word passphrase is mistake nr 1 you can expect and the result of that should not be that you can't add other devices and effectively have to create a new user account.

That is not true. You could simple revoke the key. The whole point of the way it was designed was that you had it per folder. This would only be true if you encrypt your whole account (which we can't even with our approach).

A device has to be properly protected.

Sure. But lets be real. You trust users with properly protecting their devices but not with securely storing 12 words :speak_no_evil:

Also note we store the mnemonic in the device key storage (or, we are supposed to according to the design doc) which generally is encrypted.

Sure. But for example on the desktop if you forget to lock your account that doesn't help you one bit :wink:

Anyway long story short. Yes this will be fixed. But it is far from critical for the tech preview.

In companies or other organisation admins install E2E and users click away dialogs. E2E gone forever or user account doomed. this is not feasible. this is a diabolic pitfall, masterfully set up.
In an organisation/company there is no way to set up e2e without lost codes. the code must be recoverable by some means.

The code already is recoverable using the system wallet. I fail to see the
issue.

On Fri, 16 Mar 2018 at 20:15 stefan notifications@github.com wrote:

In companies or other organisation admins install E2E and users click away
dialogs. E2E gone forever or user account doomed. this is not feasible.
this is a diabolic pitfall, masterfully set up.
In an organisation/company there is no way to set up e2e without lost
codes. the code must be recoverable by some means.

—
You are receiving this because you commented.

Reply to this email directly, view it on GitHub
https://github.com/nextcloud/client/issues/157#issuecomment-373817318,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AD1zUJNGzgjnmFiXA67JiTV2sY7tvHaJks5tfA81gaJpZM4Rz_CZ
.

According to @jospoortvliet, this is a blocker for the next release.

We discussed this at the Hackweek.

Just to be clear, with 'code' or 'key' we are talking about the MNEMONIC. The mnemonic is created when the user identity (public/private key pair, signed certificate) is made and used to encrypt the private key.

Users can only ever have ONE private and public key associated with their user account as other clients use Trust On First Use (to protect from MITM attacks) and a correctly implemented client will reject any changed key.

So there is also only ever ONE mnemonic, no matter how many encrypted folders you have.

The private key and mnemonic have to be VERY hard to lose as the user account is burned after losing them.

For this, the private key is kept on the server, encrypted with the mnemonic. The mnemonic is kept on all client devices, so that, as long as a user still has one device, they can recover their mnemonic and (re) add other devices.

The conclusion was: we do as it was designed.

There must be a button that shows the mnenomic to the user so he/she can set up a mobile device or laptop. Just like mobile devices have to be able to show the mnenomic so the user can set up a desktop or another mobile device.

View my talk at CCC if needed:
https://media.ccc.de/v/34c3-ChaosWest-12-nextcloud_end_to_end_encryption

I talk about the mnemonic a fair bit.