Replying to Avatar calle

💥 finally established a successful handshake with the new iOS version of btichat that uses noise xx encryption with forward secrecy.

I ended up forking the noise-java crypto library (used in signal) and had to make open heart surgery so it supports static keys instead of generating new ones for each session.

still buggy af and the handshake only works 10% of the time but seeing this fucking lock turn green has been the most valuable learning experience I've had in the last year.

I know kung fu.
Avatar
ManyKeys 5mo ago

Super interesting work! Kudos!

But isn't using static keys with Noise XX kind of losing the point of perfect forward secrecy? If you use static keys and those get compromised, won't past sessions be exposed? Would love to hear how you're thinking about forward secrecy here.

#nostr #btichat

Reply to this note

Please Login to reply.

Discussion

Avatar
calle 5mo ago

good question but no this is part of the xx pattern. you have ephemeral keys and static keys, the static ones can be used for authentication. the ephemeral keys are different for each session.

the protocol refreshes sessions every x messages so you'll only be able to decipher messages until then.