Since the Pubkey Encrypt encryption mechanism is based on users login credentials, if a user forgets his login credentials then he won't be able to decrypt any encrypted data. Now we need to figure out a way on how to help such a user recover his access to data. Or we could decide to simply not cater to this use-case.

ownCloud Data Encryption model, upon which Pubkey Encrypt is based, caters for this scenario by giving the administrator an option of creating a master key so in case a user forgets his password etc., still the master key would be present for decrypting the data. But ownCloud clearly mentions that choosing this option will reduce the overall security by a sizeable factor. And we cannot go with this option because if we allow for the existence of a master key, then why not encrypt all data using it instead of involving user credentials i.e. the basic purpose of Pubkey Encrypt would get broken if such a mechanism is made available.

In our case though, users in a website with "administer permissions" permission are given complete control over all encrypted data. So we can involve them somehow to ensure that even if a user resets his login credentials, still he'd be able to access the encrypted data.

Comments

talhaparacha created an issue. See original summary.

talhaparacha’s picture

Status: Active » Postponed

For now, not allowing a user to change his credentials without providing existing credentials... This means that he won't be able to access data if he forgets his login-credentials.