Encryption

Notify17 is a tool built “from developers to developers”, so its main concern is the safety and privacy of its users’ content.

What this means is that every notification a user generates is encrypted with a public/private key encryption approach. This way, Notify17’s backend knows nothing about users’ generated notifications, and the ownership of this content is placed directly in users’ hands.

The end result of this approach is that users’ generated content is decrypted only on users’ devices, without it ever being visible or decryptable on the backend side of Notify17.

Public/private key pair

Each user owns a specific public/private key pair, generated when the user first registers and enters their encryption password.

  • The public/private key pair is generated in memory.
  • The private key (privateKey) is encrypted (encPrivateKey) with a random encryption key/IV pair (privateKeyKIV).
  • privateKeyKIV is then encrypted (encPrivateKeyKIV) with the user encryption password.
  • encPrivateKey and encPrivateKeyKIV are then stored in the database.

Client-side

When Notify17 is then accessed on a client (e.g. the iOS app):

  • encPrivateKey and encPrivateKeyKIV are fetched from the database.
  • The user enters their encryption password, which in turn decrypts:
    • encPrivateKeyKIV -> privateKeyKIV
    • encPrivateKey -> privateKey
  • privateKey is then stored in a safe keychain.

Example: new content is generated

  • A new notification is generated in memory.
  • The notification content is encrypted (encContent) using a random encryption key/IV pair (contentKIV).
  • contentKIV is then encrypted (encContentKIV) with the user public key.
  • encContent and encContentKIV are then stored in the database.

Client-side

When the notification reaches the client (e.g. the iOS app):

  • privateKey is retrieved from the keychain.
  • It is then possible, on the client, to decrypt:
    • encContentKIV -> contentKIV
    • encContent -> content
  • The user can see their content.