• ree@lemmy.ml
    link
    fedilink
    arrow-up
    1
    arrow-down
    5
    ·
    3 years ago

    Yhea their double ratchet algo is a complete joke. I wonder why it’s been implemented in WhatsApp, xmpp, matrix , etc.

    • southerntofu@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      3 years ago

      Disclaimer: i’m no cryptographer

      I think the crypto in Signal looks fine. The double ratchet isn’t bad, although it has some drawbacks (at least the OMEMO variant) about long-absent participants running out of published ephemeral keys.

      The problem with Signal is the centralized system (which relies on absolute trust in a server’s “trusted computing” module) and the business governance. I’m very critical of m0xie and friends in their political/economic decisions, but they seem to produce good cryptography…

      • ree@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        I was trolling.

        I know the direction of the project and their stance against centralisation is debatable but they produce good and reviewed software and libraries.

        What you do with it is a personal choice.