Hacker News new | past | comments | ask | show | jobs | submit login
ChatStep - Online Group Chat with Symmetric Key Encryption (chatstep.com)
14 points by gsundeep on July 4, 2013 | hide | past | favorite | 11 comments



I love these sorts of projects, but I don't trust them as a rule. If I can't independently verify the security myself, I don't use them. What sort of symetric key encryption does it use? What cypher? What hash algorithm? Does it provide perfect forward secrecy? Does it anonymize the sender in some way? What data is logged? Etc.


The good thing about symmetric key encryption in the browser is easy enough to check. You just need to make sure that messages/images are encrypted before being sent to the server, and that the password is never sent to the server. Also ChatStep uses sjcl so the crypto isn't homemade like CryptoCat.


Sure, I can verify that things aren't being sent in plaintext, and I can verify that they're using sjcl, but I can't verify most of the other things I mentioned. How do I know they're using sjcl right and not introducing some vulnerability (yes, I know I can dig through their JavaScript, but that's a plain in the ass)? I'm not saying I think they've got any problems; I'm just saying, be careful.

These sorts of tools, while convenient, are dangerous without a proper understanding of what you're doing. User beware.


And are you going to verify every message? Because the JS can be changed without you ever realizing it.


How can you make sure that the password is never sent to the server?

It could be encrypted with their own password, encrypted as a url to a css file, etc.


By the way, wasn't Cryptocat shot down initially for its "host-based security" [1]? Why didn't ChatStep learn from that?

[1]: http://www.wired.com/threatlevel/2012/08/wired_opinion_patri...


How do I self host this? I would like to use something like this but only if it's self hosted.


Exactly, otherwise there is no point really.


Why not? In this case the server doesn't have to be trusted, only the client implementation.


But you are downloading the client implementation from the server.


the server is trusted to serve valid crypto code. basically, unless i control the server, there is no way in hell i would be using this.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: