All articles

The road to Passbolt v5 – Encrypted metadata and other core security changes

9 min. read

RB

Remy Bertot

11 December, 2024

Introduction

On Balancing Auditability and Privacy

Fig. enterprise vs consumer requirements
Fig. enterprise vs consumer requirements

The Core Shift

Which metadata will be encrypted?

How will metadata be encrypted?

  1. Personal Keys: Metadata is encrypted with the user's personal OpenPGP key, ensuring complete privacy. Only the user can decrypt and access the data.
  2. Shared Metadata Keys: Metadata is encrypted with a shared key managed by administrators, allowing authorized users to access the data. This approach balances privacy and administrative oversight.
Fig. high level encryption scheme for one item
Fig. high level encryption scheme for one item

Cryptographic access versus logical access

Fig. type of access required
Fig. type of access required

Searchability and Performance

How will the shared key be shared?

  • “Server knowledge mode”: the shared metadata keys are available to the server and can be shared by the server when a user completes the setup. The application can in practice see the shared metadata. There is no “zero-knowledge”, but this is still a nice improvement, since in this case metadata is encrypted additionally at rest (in the database and backups) and in transit (on top of TLS).
  • “Zero-knowledge mode”: the shared metadata keys are not available to the server and must be shared with users by the admins. Users are not allowed to create shared content unless they have access to a valid metadata key. This will be a feature that is supported in both modes, to allow administrators to recover from situations for example when sharing a metadata key with a user failed during setup.

What does it mean in terms of security?

Fig. risks scenario coverage
Fig. risks scenario coverage

What is the timeline for this migration?

Fig. high level tentative timeline for v4 decommission
Fig. high level tentative timeline for v4 decommission

Moving forward

Continue reading

How to resolve NGINX 502 Bad Gateway errors after an OS upgrade?

3 min. read

How to resolve NGINX 502 Bad Gateway errors after an OS upgrade?

During an in-place upgrade on a passbolt server such as moving from Debian 11 to Debian 12 or Ubuntu 20.04 to Ubuntu 24.04 for example, configuration files may need adjustments to ensure a seamless transition.

Antony Bartolomucci

Antony Bartolomucci

18 December, 2024

Automating Passbolt Maintenance

4 min. read

Automating Passbolt Maintenance

Automate Passbolt server maintenance with a custom bash script. Manage disk space effectively, improve performance, and schedule tasks for reliable upkeep.

Antony Bartolomucci

Antony Bartolomucci

3 December, 2024

Flag of European UnionMade in Europe. Privacy by default.