I created a PoC Application with CUBA which employs symmetric (Blowfish) encryption on the server side. It was easy to implement via a JPA Attribute Converter. To have at least some End-To-End Encryption, I added an SSL Layer to the server instance.
However, this solution still requires the provider of the server to be trustworthy. As encryption takes place on the server the provider could connect to the server application and spy out passwords through debugging, logging etc.
Because CUBA provides the whole CRUD functionality between client and server, it seems not too easy (from an Application developers point of view) to implement an End-To-End encryption with it. That would require an extra encryption/decryption layer on the client side as a communiction endpoint for the server part of the application. As nowadays security and encryption plays an important role, that would nevertheless be an interesting feature.
Is is possible to provide End-To-End Encryption for a CUBA Application with reasonable effort?