Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Best Practices for End to End Crypto with Multiple Devices
3 points by lsiebert on March 7, 2019 | hide | past | favorite | 1 comment
So end to end encryption between two online devices is relatively easy... they exchange public keys (preferably new but ephemeral keys based on initial with every message, so people can't decode past messages if they get key access).

Things become more difficult when users expect to be able to access their information from multiple devices, maintain that information over a period of time, when users aren't online 24/7, when you aren't using some sort of central server to handle introductions/discovery but instead some sort of distributed hash table or decentralized protocol, etc. Things get complex quickly.

So I'm wondering what the current best practices are, and what papers to read.



I know there's been discussion of this topic in the Scuttlebutt community but I'm not up to date on it.

One thing that comes to mind is hierarchical deterministic wallets where many different keys can be generated from a fairly small seed which can be loaded onto multiple devices.

This also might have some ideas: https://datatracker.ietf.org/wg/mls/documents/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: