Is this open to key commitment exploitation? Password derived key? E2EE and MLS thoughts? #38

@f0rest8

Hi,

This is such an incredible repo/example, thank you to all at Dwyl for making this.

I was curious if this is susceptible to key commitment vulnerabilities?

Paper: https://eprint.iacr.org/2020/1456
Cryptography.fm podcast episode: https://www.cryptography.fm/10

Password derived keys
If so, then would it make sense to implement a password derived key mechanism part 1 and part 2 from Badu's Medium posts?

I was thinking that the key/get_key process from AES.encrypt/1 is then pulling the password_derived_key from each person, perhaps making the system administration agnostic to the symmetric keys?

Asymmetric with sharing
Or perhaps with asymmetric encryption, similar perhaps to part 3 and part 4 from Badu's Medium posts?

E2EE with MLS
I guess at that point we're approaching "end-to-end" encryption in the browser (a dream)? Which, as I understand, we should be waiting for the IETF's Messaging Layer Security architecture/protocol standard to be ready for implementation?

GitHub MLS repos: Messaging Layer Security draft documents
Datatracker: https://datatracker.ietf.org/wg/mls/about/

Would love to hear what you think, thank you.

❤❤❤
