this post was submitted on 03 May 2024
386 points (99.7% liked)

Fediverse

28691 readers
598 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (5 children)

Yeah as long as theres an (practically) unfalsifiable way to forward the message that sounds very useful, which sounds like there is based on the response to my first comment.

[–] dracs 3 points 7 months ago (4 children)

Typically end to end encryption includes digital signing of the message so you can verify who the sender was.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (3 children)

Been forever since I did any work with cryptography, but if my memory is correct:

Alice needs Bob’s public key to verify a signed message from Bob haven’t been altered;

Bob needs Alice’s public key to encrypt a message that can only be decrypted by Alice;

If Bob sends Alice a message encrypted with Alice’s public key, signed with Bob’s private key, containing “Hello, how are you?” ; this message could be verified as authentic by Charlie using Bob’s public key but Charlie cannot see the contents of the message as Charlie does not have Alice’s private key.

Without Alice disclosing their private key, how can Charlie review the content of a reported message from Alice claiming Bob sent them something inappropriate?

I.e. how can Charlie be certain if Alice claims Bob sent “cats are evil” when Charlie cannot decrypt the original message, only verify the original message have not been altered via Bob’s public key.

[–] dracs 2 points 7 months ago (1 children)

It's been a while since I've had to touch it too. But couldn't Alice provide Charlie with both the plain text and her public key. Charlie could then encrypt the text and see it came out the same as blob Bob sent Alice?

[–] [email protected] 1 points 7 months ago

I think this might work, I haven’t done it for too long to know for certain if two same plain text encrypted with two same public key would yield two identical encrypted blobs.

I’ve self replied another possible implementation, that I’m pretty proud of figuring out literally 1AM. If you have time, please do give it a glance and see if you can spot any weakness.

load more comments (1 replies)
load more comments (1 replies)
load more comments (1 replies)