I have a general question about the right handling of sensitive data.
Use case scenario
A user sends sensitive data (documents or images) via an API to a Node.js server. The server then stores the data on the IPFS.
Currently the server is used in order to encrypt and decrypt the data, so that the plain text isnt stored and available on the IPFS. For encryption I am using a combination of AES and RSA similar to this example.
Questions
- Would encryption with AES alone be sufficient, since hybrid encryption of AES and RSA is not really used in this case?
- Should I add an additional layer of security between the client and the server (hybrid encryption, session key ...) or is a standard HTTPS connection sufficient in this case?
- Any other tips or best practices I should consider? (I am not an security expert)
EDIT
Requirements and important points
- The application is supposed to create licenses for uploaded Content. For this reason, the uploaded content should be secure and accessible only to authorized persons.
- A person is authorized to view content if a corresponding license is available (can be queried by the system).
- User experience and simplicity is important aswell
- So I think a proper balance of security and usability would be ideal. Complexity or financial costs don't matter at first.
In principle, a user should not have to possess a private key. Therefore, I thought that hybrid encryption might be appropriate if an HTTPS connection is not "secure enough". My understanding would be that the server has a private and public key. When the client connects, the server tells the client the public key. Then the client generates a key for symmetric encryption (e.g. AES) and encrypts it with the server's public key. In this way, the key can be decrypted by the server and both parties have the AES key. This key can then be used to send encrypted content to the server and decrypt it there. The decrypted content can then be re-encrypted and stored on the IPFS.
Thanks in advance.