2 comments

[ 1.1 ms ] story [ 16.8 ms ] thread
How is is this different or better than gpgtools or similar that already exist?
This has a number of advantages over GPG. In general, it provides better default security without having to fumble to pick the right options with GPG.

For example:

In order to get sender authentication in GPG, you have to sign the message. GPG doesn't do this by default when encrypting a message, but you can choose to add a signature. But even if you do sign the message, GPG provides non-repudiation which means that you can no longer deny that you sent the message. Kestrel provides sender authentication while preserving deniability.

There are a number of other strong security guarantees that are provided by Kestrel's use of the noise protocol. There is more info on some of those properties here [1]

[1]: https://getkestrel.com/docs/security-information.html