Currently, the code doesn't have a mechanism to establish or change the shared key. The simple approach that I wanted to implement initially was to have the leader create a new shared key, and then distribute it to all the nodes, encrypting it with the public key.
However, the currently used algorithm, ed25519, is not suited for encrypting things, only for signing them. RSA works, and there is libp2p support for it, but generally I'd prefer something that uses ed25519. libp2p does not expose encryption functionality for RSA either, but unlike for ed25519, libp2p supports RSA key importing in a standard format, so one can make the key available in another library in standard format, and use that library for the encryption/decryption part. So RSA is possible but I'm not a fan of it.
I'm also wondering about post-MVP key establishment mechanisms. For example, there are ART trees. There is a Rust implementation of MLS, which is an IETF standard draft for encrypting group chats. Many of the problems they are solving also need to be solved by us. I wonder how we can re-use their stuff. Also, I've skimmed the paper, and a basic version of ART trees doesn't seem to be that hard to implement. So I don't know.
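The Diffie-Hellman tree derivation at the core of ART, as an added example that is not part of the original post or the project's code: each member derives the same root key from its own leaf secret plus the public keys on its copath. The toy group (`P`, `G`), SHA-256 as the element-to-exponent map, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group: an assumption for illustration, far too small for
# real use (a deployment would use X25519 or a comparable group).
P = 2**127 - 1
G = 3

def pub(sk):
    return pow(G, sk, P)

def to_secret(elem):
    """Map a DH output back to an exponent; SHA-256 is an assumed choice."""
    digest = hashlib.sha256(elem.to_bytes(16, "big")).digest()
    return int.from_bytes(digest, "big") % (P - 1)

def build_tree(leaf_secrets):
    """Levels of (secret, public) pairs, leaves first, root last.
    Needs every leaf secret, so only the party setting up the group can run it.
    The number of leaves must be a power of two in this sketch."""
    level = [(sk, pub(sk)) for sk in leaf_secrets]
    levels = [level]
    while len(level) > 1:
        parents = []
        for i in range(0, len(level), 2):
            # Parent secret = KDF(DH(left secret, right public))
            sk = to_secret(pow(level[i + 1][1], level[i][0], P))
            parents.append((sk, pub(sk)))
        level = parents
        levels.append(level)
    return levels

def copath_publics(levels, index):
    """Public keys of the siblings along the path from leaf `index` to the root."""
    out = []
    for level in levels[:-1]:
        out.append(level[index ^ 1][1])
        index //= 2
    return out

def root_from_leaf(leaf_sk, copath):
    """What a single member computes: one DH per tree level, using only public data."""
    sk = leaf_sk
    for sibling_pk in copath:
        sk = to_secret(pow(sibling_pk, sk, P))
    return sk

def demo(n=4):
    leaves = [secrets.randbelow(P - 2) + 1 for _ in range(n)]
    levels = build_tree(leaves)
    roots = [root_from_leaf(leaves[i], copath_publics(levels, i)) for i in range(n)]
    return levels[-1][0][0], roots
```

The root secret would be fed into a key derivation function to obtain the group's shared key; a member who changes its leaf secret only needs to publish new public keys for the nodes on its own path.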