Encrypt collection field

Hey,
I’m planning to encrypt the messages between two users in a chat application. All chats, users and messages are stored within a Mongo collection. Now I’m asking myself what would be the best approach for this? The main problem here is that the chat should be available on several devices, f.e. mobile and desktop. In this case I need to save all keys on the server to encrypt messages if the user logs in on another device. But saving the keys on the server (even encrypted with a master key) seems to be a problem for me. If someone get’s the master key which encrypts all chat keys, he can encrypt all messages (f.e. if he hacks the application server).

Any idea which approach would be the best for this?

There was a cool Meteor Mylar port created a while back for pretty much this exact purpose. I haven’t followed its progress much over the past little while, so I’m not sure if it’s maintained or even usable with current Meteor versions (doesn’t look like it from the repo - might be a good opportunity to help breath new life into the project for someone …). That being said, the ideas behind Mylar itself are quite interesting, and might be useful to adopt.