
A browser-based chat where the messages are encrypted in the browser so that only the conversation participants can see the messages but not the server, it's just storing them. The messages would be encoded by AES and the key exchange can be done with RSA. The database would store the encryption key for every user for every conversation but encrypted with for example the user's password or RSA private key, and the private key would be also encrypted the same way, and when these keys are needed, the server sends them to the browser, the javascript decodes them with the user's account password and voilà. So it would be a browser-based Skype with Mega-like encryption.

Something like https://crypto.cat/ ?

Supports multiparty OTR, etc.

Server doesn't see message contents. Ephemeral key exchange via OTR (hence supports perfect forward secrecy), though of course there's always the problem of trusting the fingerprint, i.e. someone (e.g. the server) can just MitM the whole thing.

So ideally, one should verify the OTR fingerprints of the other parties via some secondary channel.

You can also run the server on your own infrastructure.


> key exchange can be done with RSA

any particular reason for RSA, and not ECDH key exchange?

[hrr, can't edit my own message anymore, it seems]

errata: mpOTR (as implemented by cryptocat) does not seem to support PFS right now, which is quite a big deal.

