Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement custom encryption protocol to replace signal #2179

Open
guiyanakuang opened this issue Nov 9, 2024 · 0 comments · May be fixed by #2187
Open

Implement custom encryption protocol to replace signal #2179

guiyanakuang opened this issue Nov 9, 2024 · 0 comments · May be fixed by #2187
Assignees
@guiyanakuang
Labels
Multiplatform Multiplatform Refactor Refactor
Milestone
CrossPaste 1.1.0

Comments

@guiyanakuang
Copy link
Member

This commit replaces the Signal protocol with a custom secure protocol to avoid GPL license dependency. The new implementation:

  • Uses ECDSA (P256 curve) for initial key exchange and verification
  • Implements manual token verification to prevent MITM attacks
  • Employs AES-GCM for secure message encryption
  • Provides forward secrecy with per-session key pairs
  • Maintains compatibility with existing connection interfaces
@guiyanakuang guiyanakuang added Refactor Refactor Multiplatform Multiplatform labels Nov 9, 2024
@guiyanakuang guiyanakuang added this to the CrossPaste 1.1.0 milestone Nov 9, 2024
@guiyanakuang guiyanakuang self-assigned this Nov 9, 2024
@guiyanakuang guiyanakuang linked a pull request Nov 12, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@guiyanakuang guiyanakuang

Labels
Multiplatform Multiplatform Refactor Refactor
Projects
None yet
Milestone
CrossPaste 1.1.0
Development

Successfully merging a pull request may close this issue.

✨ Implement custom encryption protocol to replace signal CrossPaste/crosspaste-desktop
1 participant
@guiyanakuang