
Ask HN: How hard is it to build a basic self hosted secure messaging app - nstart
From all my reading on how secure messaging apps are built, outside of securing infrastructure, from my understanding, for a conversation between two people each using a unique device:

- Each device would need to generate its own public/private keypair for use in chats.
- The devices swap public keys for encrypting messages.
- The devices communicate over a server which simply facilitates delivery of the public keys and the encrypted messages between each device.
- The devices decrypt messages using their private keys.

I have a couple of questions here:

1. What is the need for the Signal protocol? From my reading, I understand that there is the concept of a single shared private key and a lot of work to share it securely? Is there something that the above scenario can't satisfy that Signal needs to do so?

2. If no to the latter part of the above question, does my super basic breakdown of a secure messaging app actually cover all bases?

This is ignoring all the other things that go into a full-blown messaging app and massive network. For the purpose of the question, I'm only considering the bare minimum to get a "hey" from one phone to the other.
======
Piskvorrr
"_simply_ facilitates delivery of the public keys" is the pitfall here - how
do you verify that you're actually swapping pubkeys with the intended
recipient? Sure, you could hardcode the server's pubkey (uh-oh), but then you
still only know that you're swapping pubkeys with someone who says "I am Bob"
through a known _server_, without any guarantee that the other user is not
Mallory, who will then MITM the conversation (i.e. pose as Bob for you and as
you for Bob).

~~~
nstart
Curious though. Wasn't that the exact same issue people raised a stink about
with WhatsApp? Signal has a prompt to verify when a key changes on the other
person's device? I think the only solution they have is to use a QR code to
verify that the exchanged keys are the same?

I'm very new to all of this, so curious if any of that is actually connected.

~~~
Piskvorrr
Yes. Key management is not so simple.

~~~
nstart
Fair enough. Thank you so much for replying by the way. Assuming I can show my
friend the public key I received over the server, and she verifies it, then
everything else can work as described right? As in, it wouldn't require
anything as complex as the Signal protocol to send messages securely?

~~~
Piskvorrr
Well, you'll need an independent channel to do this, which also needs to be
resistant to MITM. (In person works, even though it's bothersome - but you
only need to establish this once.)

As long as it's a 1:1 chat, there's not much else to it - of course, great
complexity comes with multi-user chats.
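
The protocol from the original post, the key-swap pitfall from the first reply and the out-of-band fingerprint check from the last one, combined into one runnable Go program. This is an added example, not code from anyone in the thread: it assumes X25519 for the per-device keypair, SHA-256 of the raw public key as the fingerprint, and AES-256-GCM for the message, all from Go's standard library (crypto/ecdh needs Go 1.20 or later); the names Device, SendHey and Outcome, and the message "hey", are the example's own constructed choices. Passing a third Device as mallory makes her the relay operator who hands each phone her own public key instead of the other phone's.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// must keeps the demo short: any unexpected crypto error aborts the program.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Device is one phone with its own locally generated X25519 keypair.
type Device struct{ priv *ecdh.PrivateKey }
func NewDevice() *Device {
	return &Device{priv: must(ecdh.X25519().GenerateKey(rand.Reader))}
}

// PublicKey is the only thing a device ever hands to the relay server.
func (d *Device) PublicKey() []byte { return d.priv.PublicKey().Bytes() }

// Fingerprint is what users compare out of band (in person, QR code): hex SHA-256 of the raw key.
func Fingerprint(pub []byte) string { return fmt.Sprintf("%x", sha256.Sum256(pub)) }

// aead does X25519 agreement with peerPub and hashes the shared secret into
// an AES-256-GCM key (a real app would use HKDF with context info instead).
func (d *Device) aead(peerPub []byte) cipher.AEAD {
	shared := must(d.priv.ECDH(must(ecdh.X25519().NewPublicKey(peerPub))))
	key := sha256.Sum256(shared)
	return must(cipher.NewGCM(must(aes.NewCipher(key[:]))))
}

// Encrypt seals msg for the holder of peerPub's private key: nonce || ct || tag.
func (d *Device) Encrypt(peerPub, msg []byte) []byte {
	gcm := d.aead(peerPub)
	nonce := make([]byte, gcm.NonceSize())
	must(rand.Read(nonce))
	return gcm.Seal(nonce, nonce, msg, nil)
}

// Decrypt opens a message sealed to us by the holder of peerPub; the wrong
// key or a tampered message fails the GCM tag check and returns an error.
func (d *Device) Decrypt(peerPub, wire []byte) ([]byte, error) {
	gcm := d.aead(peerPub)
	if n := gcm.NonceSize(); len(wire) >= n {
		return gcm.Open(nil, wire[:n], wire[n:], nil)
	}
	return nil, fmt.Errorf("ciphertext too short")
}

type Outcome struct {
	BobRead     string // what Bob decrypted
	MalloryRead string // what the relay operator could read ("" if nothing)
	Verified    bool   // whether the out-of-band fingerprint check passed
}

// SendHey runs the post's protocol once. If mallory != nil she runs the relay
// and hands each phone her own public key in place of the other's.
func SendHey(alice, bob, mallory *Device) (Outcome, error) {
	// 1. Each phone fetches "the other phone's key" from the server.
	aliceSeesBob, bobSeesAlice := bob.PublicKey(), alice.PublicKey()
	if mallory != nil {
		aliceSeesBob, bobSeesAlice = mallory.PublicKey(), mallory.PublicKey()
	}
	// 2. Independent-channel check: received keys vs. keys actually generated.
	out := Outcome{Verified: Fingerprint(aliceSeesBob) == Fingerprint(bob.PublicKey()) &&
		Fingerprint(bobSeesAlice) == Fingerprint(alice.PublicKey())}
	// 3. Alice encrypts to whatever key she was given and uploads it.
	wire := alice.Encrypt(aliceSeesBob, []byte("hey"))
	// 4. A malicious relay opens it, reads it, and re-seals it to the real Bob.
	if mallory != nil {
		pt, err := mallory.Decrypt(alice.PublicKey(), wire)
		if err != nil {
			return out, err
		}
		out.MalloryRead = string(pt)
		wire = mallory.Encrypt(bob.PublicKey(), pt)
	}
	// 5. Bob decrypts with the "Alice" key the server gave him; it just works.
	pt, err := bob.Decrypt(bobSeesAlice, wire)
	if err != nil {
		return out, err
	}
	out.BobRead = string(pt)
	return out, nil
}

func main() {
	alice, bob, mallory := NewDevice(), NewDevice(), NewDevice()
	fmt.Printf("honest relay:    %+v\n", must(SendHey(alice, bob, nil)))
	fmt.Printf("malicious relay: %+v\n", must(SendHey(alice, bob, mallory)))
}
```

The point the run makes is that nothing in the cryptography fails when Mallory is in the middle: Bob reads "hey" either way, every tag check passes, and the only difference between the two outcomes is Verified, which comes entirely from comparing fingerprints over a channel the relay does not control. That is why, for the 1:1 case in the thread, the whole problem collapses into key verification.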

