reply on: emon: encrypted messaging over nostr with lightning integration ⚡ \ stacker news ~nostr

pull down to refresh

0 sats \ 7 replies \ @gandlaf21 21 Jan 2023 \ on: emon: encrypted messaging over nostr with lightning integration ⚡ nostr

Just FYI, Encrypted messaging over nostr nip04 is not optimal, and way less secure than for example Signal or something alike.

some drawbacks of Nip04:

Senders PUBK is leaked
Recipients PUBK is leaked
Timestamp is leaked
If one private key gets compromised, the whole conversation can be decrypted (due to no key-ratcheting)

0 sats \ 1 reply \ @SebasWouters OP 29 Jan 2023

https://excalidraw.com/#json=a3QchmPVJTwUmnGRdgWAE,ruanCZyI0JqggZlZOrLm_A

0 sats \ 0 replies \ @247bf84fda 25 Aug freebie

deleted by author

0 sats \ 3 replies \ @kevkevin 21 Jan 2023

are they using Elliptic curve Diffie Helman is that why? Isn't the point of Diffie Helman to establish a symmetric that both parties can use but in order to do so you need to expose your pubkey

0 sats \ 1 reply \ @gandlaf21 22 Jan 2023

Yes, the senders and receivers pub key are stored in the event data.

You could mask the receiver by sending to many pub keys, but only one real one.

ECDHKE is good, but for conversation, where multiple messages are sent back and forth, you want an additional security parameter. The keys for encryption and decryption should change with each message. So that if a key gets compromised, the history cannot be decrypted