Replace default auth-hidden-server with 3DH DAKE #15
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Just had a conversation with someone regarding deniability and the way ricochet currently does client authentication in the protocol.
They proposed we replace the current challenge-response protocol (https://github.com/ricochet-im/ricochet/blob/master/doc/protocol.md#authhiddenservice) with a 3DH DAKE - we would then encrypt messages between peers using the derived key.
This would provide offline deniability (not online deniability), and Tor would not break the deniability. An improvement over the current challenge-response protocol which does not provide any kind of deniability.
I will probably implement this as
im.ricochet.auth.3dh-dake
Implemented as part of v3onion