General Programming Discussion

8232 readers

16 users here now

A general programming discussion community.

Rules:

Be civil.
Please start discussions that spark conversation

Other communities

Systems

Functional Programming

Also related

!opensource@lemmy.ml

founded 6 years ago

MODERATORS

Restioson@lemmy.ml

Cloak@lemmy.ml

Request for comments on a encrypted messaging protocol I'm developing (github.com)

submitted 1 week ago by lucas_givens@lemmy.world to c/programming@lemmy.ml

3 comments fedilink hide all child comments

Hey everyone! I'm looking for some comments / discussion on a peer to peer encrypted messaging protocol I'm developing called Mariposa.

It functions on top of TOR, using hidden services to hole punch through firewalls and to provide anonymity.

you are viewing a single comment's thread
view the rest of the comments

[–] teri@discuss.tchncs.de 2 points 1 week ago

Maybe you could also consider to extend an existing good PQC protocol (for example https://signal.org/docs/specifications/pqxdh/) by adding a shared secret. The shared secret could flow into the key derivation functions which are used to derive the symmetric encryption keys. This way you would have quite strong guarantees (forward secrecy) as long as nobody can break the PQC algorithm and still some guarantee of confidentiality when somebody breaks asymmetric primitives. In the protocol you outlined now, there's no forward secrecy. Meaning that once a key is compromised, all past and future messages can be decrypted.