Is there a way to develop and website using JS (and perhaps PHP) to create an E2EE website. Were all packets sent between the server and the userw device are E2EE, wrapped in a layer of encryption?

I know there is HTTPS but I am looking for something stronger than HTTPS.

By using some JS or PHP E2EE package, would I have to write or structure the website code very differently than you normally would?

  • Evotech@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    10 months ago

    I mean, the server would need to have the private keys in order to encrypt the data right

    • Max-P@lemmy.max-p.me
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      The idea is that the keys are client-side. You send them to the server encrypted, and it serves it back to other clients who have the password entirely client-side as well, and decrypts it.

      It’s basically what encrypted chat apps do: all they have is metadata but the payload is completely opaque to the server. It could just be a file of /dev/urandom for what it knows.