SimpleX Chat on Nostr: we understand the limitations of AES-GCM, and they do not apply here, but we will ...
we understand the limitations of AES-GCM, and they do not apply here, but we will revalidate it.
Groups don't use shared keys, they are based on pairwise ratchets.
The encryption scheme evolved with the addition of sntrup761 to double ratchet, and if AES-GCM proves suboptimal, it can be replaced too.
Also, it is customary to follow a process to report vulnerabilities: https://simplex.chat/security/
Doing it in public forum hurts your credibility.
Groups don't use shared keys, they are based on pairwise ratchets.
The encryption scheme evolved with the addition of sntrup761 to double ratchet, and if AES-GCM proves suboptimal, it can be replaced too.
Also, it is customary to follow a process to report vulnerabilities: https://simplex.chat/security/
Doing it in public forum hurts your credibility.