
sec1-the-circle's Introduction

Hi 👋, I'm Guus

Open-source software engineer


Languages: Java, Kotlin, TypeScript, C#
Tools: Spring, Micronaut, Angular, Git, Docker, Azure, Atlassian, IntelliJ

» I’m currently working on several projects, primarily on Hartshorn. Want to know more? Send me a message!



Website: https://guuslieben.nl | Open Source Work: See below

sec1-the-circle's People

Contributors

guuslieben, liebenguus


sec1-the-circle's Issues

Create and respond to topics

Every registered user should have the ability to start a topic. A topic is always bound to a TruYou account.
Users can respond to a topic by placing a response to the specific topic. These too are always bound to a TruYou account.

Topics and responses can be seen by anyone, even if they do not have a TruYou account. Only registered users can create topics and responses.

User-specific certificates and authentication

Implement user data and authentication. User data contains:

  • Name
  • Email
  • Password
  • Private key

The private key is to remain confidential, but can remain on the server as long as it is encrypted. Encrypt both the private key (preferably encoded using something like Base64) and the password with the password, so only the user will be able to decrypt the information. The public key of the user can remain unencrypted (though preferably also encoded).

The user data should also contain a certificate, signed with the private key of the server. This requires a minor modification of CertificateUtilities#createCertificate which currently accepts a KeyPair. This should be split into the public key of the client, and the private key of the server.

The private key of the user should be generated by the user, and be encrypted with their password before it is sent to the server. The reason this key is to be stored is so it can be accessed by the user later, on different devices.

Log actions

Actions like registering, logging in, and creating a topic/response should be logged (persistent).

User login

After an account has been registered, users should be able to log in. This requires the default content encryption (encrypted with private key, containing public key). The password should be encrypted by the client.
The client should look up the private key file of the associated user and attempt to decrypt it using the entered password; if it cannot be decrypted, the login fails and nothing is requested from the server (though the action is logged).
The server responds with the user's data (email, name). The password should not be sent back to avoid additional interception risk.
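The two issues above (password-protected private key at registration, local decryption at login) describe one procedure. The following is an added example, not the project's code: a hypothetical `PrivateKeyVault` class that derives an AES key from the password with PBKDF2-HMAC-SHA256, wraps the PKCS#8-encoded private key with AES-GCM, Base64-encodes everything the server stores, and at login attempts the unwrap locally before any server request. The class name, the `StoredUser` record, the 600,000-iteration count, the 3072-bit RSA size and the sample user are all assumptions of this example; the JDK APIs used are standard since Java 16 (records). Because GCM authenticates the ciphertext, a wrong password and a tampered blob both surface as `AEADBadTagException`, which is the failure the login issue wants handled on the client.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/** Hypothetical client-side helper (not the project's code): wraps a user's private key under a password. */
public final class PrivateKeyVault {
    private static final int PBKDF2_ITERATIONS = 600_000; // assumed work factor; tune to the client hardware
    private static final int GCM_TAG_BITS = 128;
    private static final SecureRandom RNG = new SecureRandom();

    /** Everything the server stores for one user. Nothing here yields the private key without the password. */
    public record StoredUser(String name, String email, String publicKeyB64,
                             String saltB64, String nonceB64, String wrappedPrivateKeyB64) {}

    /** PBKDF2-HMAC-SHA256 turns the password into a 256-bit AES key; the per-user salt keeps keys distinct. */
    static SecretKey deriveKey(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, PBKDF2_ITERATIONS, 256);
        byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        spec.clearPassword();
        return new SecretKeySpec(raw, "AES");
    }

    /** Registration, run on the client: generate the key pair and wrap the private key before anything is uploaded. */
    public static StoredUser register(String name, String email, char[] password) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(3072);
        KeyPair pair = gen.generateKeyPair();

        byte[] salt = new byte[16];
        byte[] nonce = new byte[12]; // GCM nonce: fresh for every wrap, never reused under the same key
        RNG.nextBytes(salt);
        RNG.nextBytes(nonce);

        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, deriveKey(password, salt), new GCMParameterSpec(GCM_TAG_BITS, nonce));
        aes.updateAAD(email.getBytes(StandardCharsets.UTF_8)); // bind the blob to the account it belongs to
        byte[] wrapped = aes.doFinal(pair.getPrivate().getEncoded()); // PKCS#8 DER in, ciphertext + tag out

        Base64.Encoder b64 = Base64.getEncoder();
        return new StoredUser(name, email,
                b64.encodeToString(pair.getPublic().getEncoded()),
                b64.encodeToString(salt), b64.encodeToString(nonce), b64.encodeToString(wrapped));
    }

    /** Unwrap on any device. Returns null when the password is wrong or the blob was altered (GCM tag mismatch). */
    public static PrivateKey unlock(StoredUser user, char[] password) throws GeneralSecurityException {
        Base64.Decoder b64 = Base64.getDecoder();
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, deriveKey(password, b64.decode(user.saltB64())),
                new GCMParameterSpec(GCM_TAG_BITS, b64.decode(user.nonceB64())));
        aes.updateAAD(user.email().getBytes(StandardCharsets.UTF_8));
        byte[] der;
        try {
            der = aes.doFinal(b64.decode(user.wrappedPrivateKeyB64()));
        } catch (AEADBadTagException wrongPasswordOrTampered) {
            return null;
        }
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
    }

    /** Login as the issue describes: decrypt locally first; only a successful unlock leads to a server request. */
    public static boolean login(StoredUser user, char[] password, List<String> auditLog)
            throws GeneralSecurityException {
        PrivateKey key = unlock(user, password);
        auditLog.add((key == null ? "LOGIN_FAILED " : "LOGIN_OK ") + user.email()); // log the outcome, never the password
        return key != null;
    }

    public static void main(String[] args) throws Exception {
        char[] password = "correct horse battery staple".toCharArray(); // constructed sample credentials
        StoredUser stored = register("Alice", "alice@example.org", password);
        List<String> auditLog = new ArrayList<>();

        System.out.println("stored public key (Base64): " + stored.publicKeyB64().substring(0, 32) + "...");
        System.out.println("login with right password succeeds: " + login(stored, password, auditLog));
        System.out.println("login with wrong password succeeds: " + login(stored, "hunter2".toCharArray(), auditLog));
        System.out.println("audit log: " + auditLog);
    }
}
```

Two design points worth keeping in mind when adapting this: the wrapped blob is only as strong as the password and the PBKDF2 work factor, so the client should enforce a minimum password quality; and a password "encrypted with itself" gives the server nothing it can check a login against, so the server-side credential (if one is needed at all) is better stored as a separate salted hash, which this example leaves out because the issue does not specify it.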

Client server encryption

Design the initial encryption setup which allows the client (UI) and server to communicate. Neither have to send relevant information for the time being, a simple "hello world" is sufficient.

Requirements:

  • Encryption with public key is not allowed
  • Encryption with private key is allowed, as long as the public key is truly public
  • Each user has their own key set
  • Integrity is ensured
    • Can be done using a hash, ensure this is also encrypted with the private key
  • Authenticity is ensured (done with private key encryption)
  • Where possible, use existing protocols (HTTP?)
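In standard terminology, "a hash encrypted with the private key" is a digital signature, and that is what the integrity and authenticity requirements above amount to. The following is an added example, not the project's code: a hypothetical `Envelope` record carrying a plaintext body plus a detached `SHA256withRSA` signature, with the "hello world" exchange run in both directions and two attacks shown failing (a tampered body, and a reply signed by a key that is not the server's). The class and field names, the 3072-bit key size and the `knownKeys` map standing in for public keys learned at registration are all assumptions of this example.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Base64;
import java.util.Map;

/** Hypothetical wire format (not the project's code): a plaintext body with a detached signature over it. */
public final class SignedHello {

    public record Envelope(String sender, String bodyB64, String signatureB64) {

        /** Bytes the signature covers: sender and body, length-prefixed so the two cannot blur into each other. */
        static byte[] signedBytes(String sender, byte[] body) {
            byte[] s = sender.getBytes(StandardCharsets.UTF_8);
            ByteBuffer buf = ByteBuffer.allocate(8 + s.length + body.length);
            return buf.putInt(s.length).put(s).putInt(body.length).put(body).array();
        }

        /** Sender side: SHA-256 over the message, signed with the sender's private key. */
        static Envelope seal(String sender, String body, PrivateKey key) throws GeneralSecurityException {
            byte[] bytes = body.getBytes(StandardCharsets.UTF_8);
            Signature sig = Signature.getInstance("SHA256withRSA");
            sig.initSign(key);
            sig.update(signedBytes(sender, bytes));
            Base64.Encoder b64 = Base64.getEncoder();
            return new Envelope(sender, b64.encodeToString(bytes), b64.encodeToString(sig.sign()));
        }

        /** Receiver side: recompute the hash and check the signature with the claimed sender's public key. */
        boolean verify(PublicKey senderKey) throws GeneralSecurityException {
            Base64.Decoder b64 = Base64.getDecoder();
            Signature sig = Signature.getInstance("SHA256withRSA");
            sig.initVerify(senderKey);
            sig.update(signedBytes(sender, b64.decode(bodyB64)));
            return sig.verify(b64.decode(signatureB64));
        }

        String body() {
            return new String(Base64.getDecoder().decode(bodyB64), StandardCharsets.UTF_8);
        }
    }

    static KeyPair newKeyPair() throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(3072);
        return gen.generateKeyPair();
    }

    public static void main(String[] args) throws Exception {
        KeyPair client = newKeyPair();
        KeyPair server = newKeyPair();
        // Each side learned the other's public key out of band (registration, the server certificate).
        Map<String, PublicKey> knownKeys = Map.of("client", client.getPublic(), "server", server.getPublic());

        // Client -> server: "hello world", signed with the client's private key.
        Envelope hello = Envelope.seal("client", "hello world", client.getPrivate());
        System.out.println("server accepts hello: " + hello.verify(knownKeys.get(hello.sender())));

        // An attacker on the wire alters the body but cannot re-sign it: the integrity check fails.
        String forgedBody = Base64.getEncoder().encodeToString("hello world!".getBytes(StandardCharsets.UTF_8));
        Envelope forged = new Envelope(hello.sender(), forgedBody, hello.signatureB64());
        System.out.println("server accepts forged body: " + forged.verify(knownKeys.get(forged.sender())));

        // An attacker claiming to be the server signs with a key of their own: the authenticity check fails.
        Envelope impostor = Envelope.seal("server", "hello client", newKeyPair().getPrivate());
        System.out.println("client accepts impostor: " + impostor.verify(knownKeys.get(impostor.sender())));

        // Server -> client: the genuine reply, signed with the server's private key.
        Envelope reply = Envelope.seal("server", "hello " + hello.sender() + ", you said: " + hello.body(),
                server.getPrivate());
        System.out.println("client accepts reply: " + reply.verify(knownKeys.get(reply.sender())));
    }
}
```

Over HTTP this maps naturally onto a request body plus two headers (sender and signature), which satisfies the "use existing protocols" item. Two caveats a practitioner should carry into the design: a signature provides integrity and authenticity but no confidentiality (the body is readable by anyone on the path, and Base64 is an encoding, not encryption), so the transport still needs TLS; and nothing here stops an attacker from replaying a captured, validly signed message, so any request that changes state should also sign a nonce or timestamp that the receiver checks.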
