Privacy

31242 readers

777 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

A chat tool using post-quantum cryptography (lemmy.world)

submitted 4 days ago by [email protected] to c/[email protected]

7 comments fedilink hide all child comments

https://github.com/umutcamliyurt/PQChat

top 7 comments

sorted by: hot top controversial new old

[–] [email protected] 20 points 4 days ago (2 children)

Didn't Signal update their protocol to make it post-quantum?

[–] [email protected] 13 points 4 days ago

Yes but this tool doesn't require your phone number unlike Signal

[–] [email protected] 1 points 4 days ago* (last edited 3 days ago) (1 children)

Many messengers did

[–] [email protected] -1 points 4 days ago

Afaik just the Signal Protocol and iMessage (no reason to use the latter tho!).

[–] [email protected] 6 points 3 days ago

Neat.

Warning disclaimer : I'm not a cryptographer.

I actually tinkered with https://github.com/open-quantum-safe and it's actually quite simple to become "post-quantum" whatever. The main idea being that one "just" have to switch their cryptographic algorithm, what one uses to encrypt/decrypt a message, from whatever they are using to a quantum-resistant (validated by NIST or whomever you trust to evaluate them) and... voila! The only test I did was setting up Apache httpd and querying that server with Chromium and curl, all with oqs, while disabling cryptographic algorithms that were not post-quantum and I was able (I think ;) to be "safe" relative to this kind of attacks.

Obviously this is assuming a lot, e.g that there are not other flaw in the design of the application, but my point being that becoming quantum-resistant is conceptually at least quite simple.

Anyway, I find it great to demystify this kind of progress and to realize how our stack can indeed, if we do believe it's worth it now, become resistant to more threats.

[–] [email protected] 8 points 4 days ago

Now we wait for someone to build an absolutely wonderful chat app on top of this wonderful bit of PoC code...

I genuinely hope someone does. Imagine what this could do if this was routed over Tor using Private Services.

Run this over that; and you'd have a bullet-proof text chat. Wrap a nice GUI client around all of that and you have a proper secure, anonymous messenger with no problems. With a little more build-out; you could even implement the Matrix protocol over this wire-line and basically have full inter-federation and moderation over a secure wire protocol; allowing for complete privacy and client integration.

TL;DR: Matrix over PQChat over Tor. Think about it. A Post-Quantum Dark-Matrix web.

[–] [email protected] 6 points 4 days ago

Quantum Resistance and the Signal Protocol