Dear mailing list,
A friend and me are working on a plugin that enables encryption on top of
Facebook messaging. The idea is to encrypt messages before they leave the chat
client, sending only the cipher to Facebook and decrypt the message on the
receiver client, before it is displayed. The
In very general terms, you cannot hope to achieve confidentiality
without authenticity.
Your key exchange does not offer authenticity. I would suggest instead
having the user's keys be signing keys, and do straightforward signed
ephemeral ECDH. This should also gain you forward secrecy.
What safeguards do you have against a MITM attack?
On Dec 17, 2013, at 12:01 PM, SafeChat.IM
i...@safechat.immailto:i...@safechat.im wrote:
Dear mailing list,
A friend and me are working on a plugin that enables encryption on top of
Facebook messaging. The idea is to encrypt messages before
On Dec 17, 2013, at 10:01 , SafeChat.IM i...@safechat.im wrote:
A friend and me are working on a plugin that enables encryption on top of
Facebook messaging. The idea is to encrypt messages before they leave the
chat client, sending only the cipher to Facebook and decrypt the message on
Sounds just like the Bitcoin blockchain to me. Or maybe the fork Namecoin.
- Sent from my phone
Den 18 dec 2013 02:20 skrev James A. Donald jam...@echeque.com:
On 2013-12-18 04:38, Joseph Birr-Pixton wrote:
In very general terms, you cannot hope to achieve confidentiality
without
On 17/12/13 21:38 PM, Joseph Birr-Pixton wrote:
In very general terms, you cannot hope to achieve confidentiality
without authenticity.
Actually, you can achieve confidentiality, you just can't prove it in
cryptographic terms.
The original poster should not be dissuaded by claims that no