I'm assuming you're talking about more than simple encryption of a text field in a database, so you want robust end-to-end encryption with verification of clients and so on - then in that case the...
I'm assuming you're talking about more than simple encryption of a text field in a database, so you want robust end-to-end encryption with verification of clients and so on - then in that case the Signal Project has all their specs and some libraries available and that's where I'd start. No sense reinventing the wheel, especially with crypto. If it's the former then good old RSA or Blowfish would be fine. As far as I know most languages have some implementation of those.
Could you use something like https://openpgpjs.org/ ? Encrypt and send messages via pgp, you could host the encrypted private keys or just have them saved offline - the risk being that if they...
Could you use something like https://openpgpjs.org/ ?
Encrypt and send messages via pgp, you could host the encrypted private keys or just have them saved offline - the risk being that if they lose it, they will lose access to the messages
I'm assuming you're talking about more than simple encryption of a text field in a database, so you want robust end-to-end encryption with verification of clients and so on - then in that case the Signal Project has all their specs and some libraries available and that's where I'd start. No sense reinventing the wheel, especially with crypto. If it's the former then good old RSA or Blowfish would be fine. As far as I know most languages have some implementation of those.
Could you use something like https://openpgpjs.org/ ?
Encrypt and send messages via pgp, you could host the encrypted private keys or just have them saved offline - the risk being that if they lose it, they will lose access to the messages