top | item 33347470

(no title)

jsethi512 | 3 years ago

we built on the principles of zero-knowledge cloud which means decentralizing identity + crypto on the client side. Keeping passwordless in context, we wanted to eliminate passwords completely which means not even a master password. we rolled out our own crypto for mobile, browser and desktop app.

discuss

philsnow|3 years ago

To "roll your own crypto" is to develop your own cryptographic primitives/constructions, versus using known-good, well-vetted, best-practice standard tools like NaCl / libsodium.

> we rolled out our own crypto

"roll out" means to deploy, so to "roll out your own crypto" could mean either one. Did you mean that you developed your own crypto? If so, that could be a not insurmountable, but large, impediment to gaining trust.

jsethi512|3 years ago

I apologize for not being clear. we have developed crypto using well-vetted and best practice crypto apis from android, iOS and web crypto apis available in the browser. some of the algos used for crypto operations involve ECC_NIST_P256, AES-GCM with HMAC-based KDF, RSA-OAEP, Shamir's secret sharing...