this post was submitted on 12 Mar 2025
28 points (96.7% liked)
Open Source
35627 readers
209 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
group chat is still a work-in-progress, but it'll work in a way where asymmetric and symmetric encryption keys are generated in javascript using cryptography tools provided by the browser of your choice.
when a connection is established over webrtc (which mandates encryption anyway), the asymmetric keys are exchanged using the diffie-helman technique.
the keys are persisted into browser storage (indexedDB) so in a future reconnection, new keys dont need to be rgenerated. if you connect to a "known-peer", the keys can be used for a kind-of p2p authentication.
all the security here depends on the security of the connected devices involved. this approach is in contast to connecting to an api to authenticate and proxy encrypted messages.
for more info there may be related information/links here: https://positive-intentions.com/blog/security-privacy-authentication