There should be no keys at all on an unattended repeater
For the case where an unattended repeater is LOCAL_ONLY, I don't see how it would work without keys. Am I missing something?
Direct messages already utilize PKC (asymmetric), but channels use AES (symmetric) keys to encrypt and decrypt. This is a problem for unattended repeaters, where a compromise of one device means an attacker can listen in on a private channel.
Unfortunately, sharing and maintaining N keys for participants in a channel scales very poorly. A way around this could be a hybrid approach such that a channel's private key is only held by channel participants and the public key can be used by repeaters to verify message integrity (thus support for LOCAL_ONLY/KNOWN_ONLY is not impacted).
Support for PKC on channels just so happens to solve announce-only channels as well (#3814), where the private key for a channel is only shared with admins, and the public key is shared to all listeners.
Other than the work to implement this support, are there downsides to this approach, like power draw/computation requirements changing?
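The hybrid scheme proposed in the post above, sketched as an added example that is not part of the original discussion or the project's code. It assumes Ed25519 for the channel key pair and AES-GCM for the payload; the `Packet` layout and the function names `Seal` and `RepeaterAccepts` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Packet is a hypothetical on-air frame. Sig costs 64 extra bytes per packet.
type Packet struct {
	Nonce, Ciphertext, Sig []byte
}

// Seal is run by a channel participant, who holds both the AES key and the
// channel signing key. (Ed25519 and AES-GCM are assumptions of this sketch.)
func Seal(aesKey []byte, priv ed25519.PrivateKey, msg []byte) (Packet, error) {
	block, err := aes.NewCipher(aesKey)
	if err != nil {
		return Packet{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return Packet{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Packet{}, err
	}
	ct := gcm.Seal(nil, nonce, msg, nil)
	sig := ed25519.Sign(priv, append(append([]byte{}, nonce...), ct...))
	return Packet{Nonce: nonce, Ciphertext: ct, Sig: sig}, nil
}

// RepeaterAccepts is all an unattended repeater needs: the channel public key.
// It can decide whether to rebroadcast but holds nothing that decrypts.
func RepeaterAccepts(pub ed25519.PublicKey, p Packet) bool {
	return ed25519.Verify(pub, append(append([]byte{}, p.Nonce...), p.Ciphertext...), p.Sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	aesKey := make([]byte, 32)
	rand.Read(aesKey)
	p, _ := Seal(aesKey, priv, []byte("constructed sample message"))
	fmt.Println("genuine packet forwarded:", RepeaterAccepts(pub, p))
	p.Ciphertext[0] ^= 1 // simulate tampering in transit
	fmt.Println("tampered packet forwarded:", RepeaterAccepts(pub, p))
}
```

Extracting the repeater's storage yields only the public key, so a captured repeater can neither read channel traffic nor produce packets that other repeaters accept. The costs relevant to the question in the post are the 64-byte signature on every packet and one signature verification per forwarded packet.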