Mattermost Peer-to-Peer Forum

Encrypt posts / messages in Database only


#1

In the standardconfig messages are stored in cleartext at the database. If I would like to encrypt the messages, I have to use data-at-rest-encryption. (very new to me!)

https://docs.mattermost.com/administration/encryption.html#database pointing to https://www.percona.com/blog/2016/04/08/mysql-data-at-rest-encryption/

So, as far as I understood it, you can ony encrypt all DBs with this.

There is no easier way to activate this via mattermost itself. e.g. “Activate DB encryption for messages”.

Thanks!


#2

Hi @mcdaniels,

Yes, you would need to follow the MYSQL documentation for this. Also, there is a config setting for regenerating the key: https://docs.mattermost.com/administration/config-settings.html#at-rest-encrypt-key.


#3

@amy.blais
Thanks for responding. As I am totally new to the encryption of DBs: If implemented like here: https://medium.com/@thegavrikstory/mariadb-table-encryption-419aeaede402

would’t it be needed to tell the table (posts) that it has to be encrypted too?

Do you know any good how to for the configuration of the encryption of DBs?

Thank you!


#4

I think MM could have end to end encryption.

Let the server generate keys and send and receive encrypted texts.

as easy as enable/disable encryption in the admin console.

Cheer


#5

Hey,
thanks, but this is a missunderstanding. I am already using ssl encryption via proxy so the messagetransfer itself is encrypted.

BUT: The messages are stored in die MM-DB. And this is happening in clear-text. So my goal is, to encrypt this data (the table in the DB).

At the moment I am using a retentiontime (5 days) for messages and files. So messages and files should be deleted after this timespan.


#6

Yes I agree. Database, as part of the process, should have the texts encrypted.

Just out of curiosity why are you deleting messages from the table?

History is quite a good feature in a chat app.


#7

We are sometimes exchanging data, which is security critical. The idea behind is, that this data shouldn’t be archived too long @ DB as it is cleartext. (for sure no good security solution, but at least a little bit).

There is no need at the moment for saving it longer.

The best would be to have at least a table-encryption of the “posts” in combination with message encryption while message exchange.

Unfortunatly I am a little bit confused about the DB-encryption at the moment.


#8

Hi @mcdaniels,

There is more detail about encryption here as well: https://docs.mattermost.com/overview/security.html#transmission-security. I believe currently we don’t have encryption within the database.


#9

@amy.blais
thanks for your reply. I am aware of the transmissionencryption :wink:

Perhaps you can implement a feature (at least for encryption of the posts in the db) in some future versions.


#10

Hi @mcdaniels, thank you for the feedback, would you like to contribute this idea in our Feature Requests forum: https://mattermost.uservoice.com/forums/306457-general?


#11

@amy.blais
ok, I will do that :wink: