rugk edited this page Sep 20, 2015 · 19 revisions

Security guide

This is a short security guide to what you should and should not do. It is only a guide, so it is up to you which rules you follow.

Do's

  1. Obviously, for real security you should use the end-to-end method.
  2. Use a keystore. Some are implemented in this API, but you can also easily develop your own. A keystore not only saves you from querying the server for every message, it also increases the security of the messages, because it is more difficult to intercept the connection and spoof the public key.
  3. Protect all files from access through the website. If you want to use the Gateway in another PHP script, include the necessary files.
  4. Especially protect the private key file and the keystore. It also does not hurt to protect your public key file. For instance, the PHP keystore already provides basic protection: because the PHP script is parsed, the file's contents are not publicly visible even if a user is able to access the site. [Not merged yet]
  5. Use the TLS options of ConnectionSettings and choose strong settings for them. The example used in the Readme should include strong settings, but please be aware that this may change over time as TLS develops. [Not merged yet]
  6. Use an encrypted file system, so your private key is protected.
  7. The best way to securely get the public key of a receiver is to extract it from the QR code. You can find the format of the QR code in the Threema whitepaper (page 3).

Don'ts

  1. Do not share your secret. If you also receive messages, it is important that only you know your secret, as it is the key the HMAC uses to verify the message.
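
The PHP below is an added example, not code from the SDK or from this wiki. It checks the MAC of an incoming-message callback and shows why the secret must stay private: anyone who holds it can produce a MAC that verifies. It assumes the MAC is HMAC-SHA256 over the concatenated callback fields from, to, messageId, date, nonce and box, keyed with the API secret, as described in the Gateway's callback documentation; the function names and all sample values are made up for the example.

```php
<?php
// Added example, not SDK code. The field names and their order are an
// assumption taken from the Gateway's incoming-message callback description.
const MAC_FIELDS = ['from', 'to', 'messageId', 'date', 'nonce', 'box'];

// Compute the expected MAC (hex) for a set of callback fields.
function callbackMac(array $fields, string $secret): string
{
    $data = '';
    foreach (MAC_FIELDS as $name) {
        $data .= $fields[$name];
    }
    return hash_hmac('sha256', $data, $secret);
}

// Return true only if the request carries every field and a matching MAC.
function isAuthenticCallback(array $post, string $secret): bool
{
    // Reject missing or non-string fields (e.g. arrays sent as box[]=...).
    foreach (array_merge(MAC_FIELDS, ['mac']) as $name) {
        if (!isset($post[$name]) || !is_string($post[$name])) {
            return false;
        }
    }
    // hash_equals() compares in constant time, so response timing does not
    // reveal how much of a guessed MAC was correct.
    return hash_equals(callbackMac($post, $secret), strtolower($post['mac']));
}

// Constructed sample data; the secret is a placeholder, not a real credential.
$secret = 'EXAMPLE-SECRET-NOT-REAL';
$post = [
    'from' => 'ECHOECHO', 'to' => '*EXAMPLE', 'messageId' => '0011223344556677',
    'date' => '1442700000', 'nonce' => str_repeat('ab', 24), 'box' => str_repeat('cd', 40),
];
$post['mac'] = callbackMac($post, $secret);

var_dump(isAuthenticCallback($post, $secret));      // unmodified request

$tampered = ['box' => str_repeat('ce', 40)] + $post; // box changed, old MAC kept
var_dump(isAuthenticCallback($tampered, $secret));

// Whoever knows the secret can recompute the MAC for altered content, and the
// receiver cannot tell the difference. This is what sharing the secret risks.
$tampered['mac'] = callbackMac($tampered, $secret);
var_dump(isAuthenticCallback($tampered, $secret));
```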