Ask HN: How hard is it to build a basic self hosted secure messaging app

1 points by nstart ↗ HN
From all my reading on how secure messaging apps are built, outside of securing infrastructure, from my understanding, for a conversation between two people each using a unique device:

- Each device would need to generate it's own public/private keypair for use in chats.

- The devices swap public keys for encrypting messages

- The devices communicate over a server which simply facilitates delivery of the public keys and the encrypted messages between each device

- The devices decrypt messages using their private keys

I have a couple of questions here:

1. What is the need for the Signal protocol? From my reading, I understand that there is the concept of a single shared private key and a lot of work to share it securely? Is there something that the above scenario can't satisfy that Signal needs to do so? 2. If no to the latter part of the above question, does my super basic breakdown of a secure messaging app actually cover all bases ?

This is ignoring all the other things that go into a full blown messaging app and massive network. For the purpose of the question, I'm only considering the bare minimum to get a "hey" from one phone to the other.

5 comments

[ 4.0 ms ] story [ 26.7 ms ] thread
"simply facilitates delivery of the public keys" is the pitfall here - how do you verify that you're actually swapping pubkeys with the intended recipient? Sure, you could hardcode server's pubkey (uh-oh), but then you still only know that you're swapping pubkey with someone who says "I am Bob" through a known server, without any guarantee that the other user is not Mallory who will then MITM the conversation (i.e. pose as Bob for you and as you for Bob).
Curious though. Wasn't that the exact same issue people raised a stink about with Whatsapp? Signal has a prompt to verify when a key changes on the other person's device? I think the only solution they have is to use a QR code to verify that the exchanged keys are the same?

I'm very new to all of this so curious if any of that is actually connected

Yes. Key management is not so simple.
Fair enough. Thank you so much for replying by the way. Assuming I can show my friend the public key I received over the server, and she verifies it, then everything else can work as described right? As in, it wouldn't require anything as complex as the Signal protocol to send messages securely?
Well, you'll need an independent channel to do this, which also needs to be resistant to MITM. (In-person works, even though it's bothersome - but you only need to establish this once)

As long as it's a 1:1 chat, there's not much else to it - of course, great complexity comes to multi-user chats.