Objective : This project will involve building a complete module for Drupal 8 site to make it a zero-knowledge system using front-end JS encryption so that the users can rely on the site when uploading sensitive files, including images on confidential posts, not having to worry about data being stolen in case the server gets compromised.
Project Introduction and why this project is important : The implementation of a zero knowledge system is very essential for the user as they would want to rely on the CMS that their data is not being stolen and they are not being spied upon. Using client side encryption, sensitive data is already being encrypted before being stored on the server.
In a confidential post/article sharing sensitive information, the embedded illustrative images and attached files might contain more detailed information than the plain-text article that only provide an overview to the actual in-depth data in the document. Hence, having only the fields encrypted is of no use if the images and other files related to that secret article are leaked by the attackers, possibly posing a higher threat than leak of regular article field text.