End to End Encryption (E2EE)
New in LiberaForms v4.0
This feature was added in version v4.0 of LiberaForms and can be disabled by your admin. You can check the technical details on the feature release post.
On regular computing systems, data is stored "in plain", and LiberaForms was no different.
In particular, answers got saved in the database exactly as users entered them, which meant that sysadmins (and possibly those with unauthorised access) could potentially read those answers.
End to End Encryption (E2EE) is a private communication system in which only communicating users can participate
That's where End to End Encryption (E2EE) comes in.
This feature allows you, to ensure that a form's answers are readable only you and those you chose to share those answers with.
You can check the technical details on the feature release post.
Quick overview¶
In LiberaForms there are two kinds of keys:
- form keys: which protect the answers of a given form
- personal keys: which protect the form keys that you have access to
When we talk about keys without specifying, we actually talk about key pairs, that is, there is:
- a private key: which must be kept secret and only those with access to it can decrypt (read) data that is protected its public key
- a public key: which helps identify a user or a form, and is needed to encrypt (protect) data, so that only those with access to the private key can decrypt (read) the data
Configuring personal keys¶
With that out of the way, here is how you configure your keys, which must be done before enabling answer encryption on a form.
These keys are used later to protect Form Keys, which in turn protect your Form Answers.
Generating Keys¶
When you configure your personal keys, a pair of keys is created.
You will notice we show you a 'Key Fingerprint', that's just an identification of the key in case you ever need to compare them.
Public key¶
The public key is not a secret. In fact, we need to keep a copy of your public key on the server and it will be shared with other editors if necessary to share answers.
Private key¶
The private key is a secret. You, and only you, should know and have a copy of the your private key.
You must keep a copy of your private key.
If you lose your private key you will permanently lose the answers to all your encrypted forms.
We do not know or keep a copy of your private key. If you lose your private key, we cannot help you. BE WARNED!
Your private key only gets unlocked when listing answers or when sharing answers with new editors.
Saving your public key on the server¶
As mentioned, LiberaForms needs to save your public key on the server. Before you do this, LiberaForms will require you to backup your key, do not ignore this.
You will also have to acknowledge you have understood and taken precautions about how to protect your data.
Backing up Keys¶
You can backup your keys any time with the Backup Key option.
Restoring Keys¶
When the server knows about your public key, you will be able to restore your private key from a Backup.
This will allow you to access your Form Keys and Answers again if you change devices.
Usage of personal keys¶
Your private personal key is only used to unlock Form Keys. This key never leaves your browser, except to your clipboard when using the Backup functionality.
Public keys are used whenever someone shares an encrypted form with you. This allows the server to never see a Form's private key while also enabling collaboration.
Configuring Form Keys¶
Similar to your personal keys, each encrypted form has a pair of keys a private and a public one.
Usage of Form keys¶
Form Keys can be used in three different occasions::
- Somebody answers your form: The answers are encrypted with the public key
- You want to see encrypted answers: The answers are decrypted with the private key, which is protected by your personal key
- You want to share encrypted answers): The form private key is encrypted with another user's public key
Form key storage¶
Remember when you configured your personal keys?
To make key management easier, your personal public key (we keep a copy on the server) is used to automagically encrypt each Forms' unique keys and then store them on the server.
This means that:
- Only you, or those you share the form with, have access to your Forms' keys (via your personal private key)
- You are not required to make a copy of your Forms' keys
You can still chose to manually backup and restore your keys.