I just finished installing Passbolt on Debian 9 and quite pleased so far. However I would just like to get some clarification about how the sharing functionality works (at a broad/high level).
I read that Passbolt uses OpenPGP (in fact setting up a key with GPG was part of the setup), so I am guessing that:
- public-key cryptography is being used, so each user has a public key and a private key.
- the private key is encrypted using the passphrase users specify when they create their account.
- the decrypted private key is not stored on the server. The encrypted version may or may not be.
- the public key is stored on the server for each user.
- If Joe wants to share a a password with Susan, he fetches her public key, and uses it to encrypt the password before that encrypted text is stored in her area for her to access.
- Susan can then access the password by decrypting that text with her private key (which she decrypts with her passphrase).
- Whenever the password is changed, by either user, it has to be re-encrypted for all users it is shared with, using each user’s public key.
Does each group have its own public and private key?
If there is a public/private key for the group, I guess each user has a version of the private key that is encrypted using their public key. When Joe adds Susan to the group, he decrypts the group private key using his private key before re-encrypting it with Susan’s public key, which is stored in an area for Susan to access.
In order for Joe to access a password in a group, he needs to have:
- been given access to the group by being given an encrypted version of the group private key, which was encrypted using his public key.
- decrypted his private key using his passphrase.
- used his decrypted private key to decrypt the group private key.
- use the decrypted group private key to decrypt the password in the group.
If a user is removed from a group does this just result in the user’s version of the group key being deleted, or does a new key get generated for the group and a whole bunch of re-encrypting the passwords etc?
How much of that did I get right? Perhaps there is a good webpage/wiki for me to read somewhere on how password sharing is implemented in Passbolt?