Negative PID SL
Diffie, Hellman, and PKC
https://negativepid.blog/diffie-hellman-and-pkc/
#DiffieHellman #cryptography #PKC #Cybersecurity #onlineSecurity #Internet #tech #IT #science #STEM #computing #inventions #innovation #negativepid
Dhole Moments - Software, Security, Cryptography, and Furries [Unofficial]Cryptographic Issues in Matrix’s Rust Library Vodozemac
Linus Gasser#cryptography #diffiehellman
Today @docta_gervais asked me to look at his article on encryption, and all of a sudden I was like: "Why the hell do we still use Diffie-Hellman?"
Alice
- creates a new keypair (like DH)
- signs her public key with her long-term public key (like DH)
- sends her public key to Bob (like DH)
Bob
- encrypts a random symmetric key with Alice's key (NEW)
- sends it to Alice (like DH)
Alice
- decrypts the symmetric key and uses it for communication (NEW)
xoron 
Ann Dooms… and here is the other half 😀
#MartinHellman #DiffieHellman #HeidelbergLaureateForum #HLF25
Fangirling hard @ Heidelberg Laureate Forum 🤩
#LeslieLamport #LaTeX #WhitfieldDiffie #DiffieHellman #TomCrawford #tomrocksmaths #EMS European Mathematical Society
An #E2EE messaging app unaffected by #ChatControl
* App: https://chat.positive-intentions.com/
* Code: https://github.com/positive-intentions/chat
* Reddit: https://www.reddit.com/r/positive_intentions
How it works: https://positive-intentions.com/docs/projects/chat
TLDR: I'm working on a #P2P messaging #webapp. Webapps are generally not considered secure because of the nature of serving statics over the internet. This is correct, but not a limitation of this project. (#selfhosting options: https://positive-intentions.com/blog/docker-ios-android-desktop).
As a webapp, I can provide the app with zero-installation and no-registration. The app is only using (local-only) browser storage (specifically #indexedDB). So in a P2P interaction, the traditional concept of "the cloud" is just the physical devices connected over #WebRTC. This allows for things like P2P authentication: https://positive-intentions.com/blog/security-privacy-authentication.
Future:
I'm aiming to create the most secure messaging app out there... (more than #Signal, #Simplex, #threema, #session, #deltachat, #bitchat, etc). I know I have a long way to go to get there. The UI is fairly ugly for the average user, but I think the mechanics are working as expected. I think #JavaScript is underrated in what you can do with it. I'm actively investigating improving the #encryption approach further to align to how the Signal protocol works (currently using a #DiffieHellman key-exchange).
Support:
In the age of #ChatControl, I would like to keep this project #opensource, but open-source funding is not working for me. I don't want your donations (but don't let that stop you) because it isn't sustainable for a long-term project. I have so far only experienced grant-funding rejections. I have no idea what I'm doing in trying to get funding for this project, so any support/advice is appreciated. In recognition of the project in its current state not being able to get funding... (sorry) I will have to go #closedsource (which I'd like to avoid because it undermines several #cybersecurity claims I'd like to make). I don't accept collaboration on the project because this would make tough decisions like going closed-source also immoral.
#privacy #security #messaging #decentralized #peer2peer #webdev #cryptography #selfhosted #FOSS #tech #infosec #developer #funding #startup