Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That's true, but not really relevant until you hit 1000s of chat members. MLS targets up to 50,000. But there isn't a plausible threat model for a secure chat that large (someone will leak or it will be infiltrated).


it's already relevant at 1000 members, and why not use it when it is possible?

Also, switch messenger once you hit 1k?

Even it a leak may be possible, it still isn't guaranteed. Instead you guarantee server side access without e2ee


At 1000 members a DCGKA key update (when the group membership changes) is ~300kb. So, equivalent to someone sending a small image, which they probably do very frequently.


per device? what about the computational costs involved (which may require wasm/js)?


Don't get me wrong, FR-CGKA looks cool. I hadn't seen it yet, and am still reading it.

Not sure why wasm/js is relevant to the discussion.


well, encryption needs computational resources; you have to expect higher overhead when you do encryption in the web compared to native code e.g. in Rust or C. It kind of is the upper bound of slowness ;)


I thought the selling point of wasm was close to native speed. :-)

If something is important browsers can always add it to webcrypto anyway.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: