Ask HN: How hard is it to build a basic self hosted secure messaging app
- Each device would need to generate it's own public/private keypair for use in chats.
- The devices swap public keys for encrypting messages
- The devices communicate over a server which simply facilitates delivery of the public keys and the encrypted messages between each device
- The devices decrypt messages using their private keys
I have a couple of questions here:
1. What is the need for the Signal protocol? From my reading, I understand that there is the concept of a single shared private key and a lot of work to share it securely? Is there something that the above scenario can't satisfy that Signal needs to do so? 2. If no to the latter part of the above question, does my super basic breakdown of a secure messaging app actually cover all bases ?
This is ignoring all the other things that go into a full blown messaging app and massive network. For the purpose of the question, I'm only considering the bare minimum to get a "hey" from one phone to the other.
5 comments
[ 4.0 ms ] story [ 26.7 ms ] threadI'm very new to all of this so curious if any of that is actually connected
As long as it's a 1:1 chat, there's not much else to it - of course, great complexity comes to multi-user chats.