Combining SSO with E2EE


We run a web app with a sort of end-to-end cryptography system, where everything is encrypted with keys derived from the user password. We know that this is not ideal; however, it seems like the best solution we currently have.

Recently a request for SSO implementation also came. From this it seems that implementing SSO and also E2EE without the need for a desktop or mobile app is possible, but that is the only mention I found.

Is there a way of getting some secret from the SSO provider that is unique for each user and is secure to use for encryption of user data? Or is this just generally not a good idea at all?

I went through AWS Cognito and Auth0 docs but didn't find anything useful. Currently, we have some implementation underway in AWS Cognito, but don't mind switching to another provider.


The main principle of E2EE is that the service provider does not know the user's secret key. This implies that the secret key, whatever it is, must be kept user-side.

On the other hand, the main principle of SSO is that service providers do not ask for users' passwords, but generally for a perishable token users get from an identity server.

So at first sight indeed, the two principles appear incompatible if the user password is used in the encryption mechanism.

This blog post from Dave Baker explains how the Matrix protocol deals with those difficulties and manages to implement E2EE, SSO and multiple devices.
Spoiler: additional work is required from the users, as they need to enter a passphrase once on each device they use, and interlocutors also need to verify each other's identity at least once, in an out-of-band manner.