Rabble on Nostr: I agree we need real private messages and groups. I’ve looked at lots of ways to do ...
I agree we need real private messages and groups.
I’ve looked at lots of ways to do this and I believe this is most promising.
https://p2panda.org/specification/encryption
We’ll need to figure out how clients can store a set of keys for the groups they’re in. We can do it by encrypting a key collection in an event for the client itself.
MLS is a pretty well thought out way of doing encrypted groups. In particular, p2panda has found a way to do it in a decentralized architecture where the servers are simply dumb data stores, like what exists with Nostr.
From the notes:
Private groups with Sender Ratchet Secrets
Ephemeral AEAD secrets, derived from MLS Secret Tree of current group epoch, used on a per-message base, gives Forward Secrecy (FS) and Post-Compromise Security (PCS).
Advantages:
* Provides strong security for any size of group, even very large groups
* Every message is encrypted with an individual key, attackers will not be able to read past data or future data when a key got compromised
Disadvantages:
* Members joining a group later will not be able to decrypt past data
* Clients have to store decrypted messages somewhere on their end as keys get useless soon
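The per-message key derivation described in the quoted notes, as an added example that is not part of the original post or p2panda's code. It uses a labelled HMAC-SHA256 step as a simplified stand-in for the MLS key schedule; `SenderRatchet`, `MAX_SKIP` and `epoch_sender_secret` are hypothetical names, and the AEAD call itself is left out.

```python
import hashlib
import hmac

def _expand(secret: bytes, label: bytes, generation: int, length: int) -> bytes:
    """One labelled HMAC-SHA256 step (simplified stand-in, not the exact MLS encoding)."""
    info = label + generation.to_bytes(4, "big")
    return hmac.new(secret, info, hashlib.sha256).digest()[:length]

class SenderRatchet:
    """Per-sender hash ratchet: one AEAD key/nonce per generation, old chain secret dropped."""
    MAX_SKIP = 64  # assumed bound on cached keys for out-of-order messages

    def __init__(self, epoch_sender_secret: bytes):
        self._secret = epoch_sender_secret  # leaf secret for this sender in the current epoch
        self.generation = 0
        self._skipped = {}  # generation -> (key, nonce), kept until used once

    def _step(self):
        gen = self.generation
        key = _expand(self._secret, b"key", gen, 32)
        nonce = _expand(self._secret, b"nonce", gen, 12)
        # Overwrite the chain secret: earlier generations can no longer be re-derived,
        # which is why clients must keep the decrypted plaintext themselves.
        self._secret = _expand(self._secret, b"secret", gen, 32)
        self.generation = gen + 1
        return key, nonce

    def next_for_sending(self):
        """Return (generation, key, nonce) for the next outgoing message."""
        gen = self.generation
        key, nonce = self._step()
        return gen, key, nonce

    def key_for_receiving(self, gen: int):
        """Return (key, nonce) for an incoming message, tolerating reordering."""
        if gen in self._skipped:
            return self._skipped.pop(gen)  # single use, then gone
        if gen < self.generation:
            raise KeyError("generation %d already consumed and deleted" % gen)
        if gen - self.generation > self.MAX_SKIP:
            raise ValueError("too many skipped generations")
        while self.generation < gen:
            g = self.generation
            self._skipped[g] = self._step()
        return self._step()
```

A member who joins in a later epoch starts from a fresh secret and never holds the earlier chain, which matches the first disadvantage listed in the notes.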