You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The server is not currently secure because it does not encrypt nor authenticate data.
There are multiple requirements here:
Messages must be authenticated. While FROST does not strictly require this, it makes things easier.
Messages must be encrypted. ZF transaction information is confidential and only the selected participants in a signing session should have access to them. This entails symmetric-key authentication, which is not the same as above; it can be done by simply using authenticated encryption.
There are many ways of accomplishing this. Some ideas:
Allow users to register public keys in their server accounts. Users can then use the key pairs to carry out encryption, e.g. each participant encrypts each message sent to other participant's using their public keys. They could also sign messages to authenticate them.
The server could be malicious and change user's public keys, so this would need a figerprinting mechanism like Signal
For encryption we could use something static like age (how to handle signing though?) or something dynamic like snow. The latter might be trickier, and might require the server to be more "dumb" and simply acts a proxy of sorts between coordinator and participants. Needs some study.
The text was updated successfully, but these errors were encountered:
conradoplg
changed the title
Encryption/Authentication
Add encryption/authentication
Mar 22, 2024
The server is not currently secure because it does not encrypt nor authenticate data.
There are multiple requirements here:
This will likely interact with #178
There are many ways of accomplishing this. Some ideas:
The text was updated successfully, but these errors were encountered: