SimpleX Chat's avatar
SimpleX Chat simplex@primal.net 1 year ago
3. Cryptographic primitives. Curve25519 / XSalsa20 256 / Poly1305 (downgraded for the absence of PQ encryption). We added PQ encryption in March this year:
SimpleX Chat v5.6 (beta): adding quantum resistance to Signal double ratchet algorithm
 This is done in the same way as Apple describes as PQ3 here:
iMessage with PQ3: The new state of the art in quantum-secure messaging at scale - Apple Security Research
iMessage with PQ3: The new state of the art in quantum-secure messaging at scale - Apple Security Research
We are introducing PQ3, a groundbreaking cryptographic protocol for iMessage that advances the state of the art of end-to-end secure messaging. Wit...
 it provides stronger protection than Signal design where PQ encryption only applies to the initial key exchange.
↑ Parent

Replies (1)

SimpleX Chat's avatar
SimpleX Chat simplex@primal.net 1 year ago
4. Directory service could be modified to enable a MITM attack? Yes This is incorrect, as there is no user directory service at all (and no knowledge of even the number of users), and MITM by servers is not possible by design, even without optional security code verification (that exists to mitigate MITM by the channel you used to pass one-time invitation link, e.g. email).
1 replies ↓