top | item 40264368

(no title)

dkraj | 1 year ago

Yes only the network layer encryption. No file encryption as it will cost client browsers a lot in case of encrypting and then decrypting that at other end.

I have written more about it here: https://dikshantraj2001.medium.com/nat-stun-turn-and-ice-466...

Currently, I am using the public STUN servers only. If the IPs are not reachable, it would show an error and won't work as setting up TURN server would mean same as a third party server saving in file and serving it over network

discuss

porridgeraisin|1 year ago

You can use https://npmjs.com/e2ee.js (disclaimer: I am the author) for basic end to end encryption in the browser (uses the webcrypto api). It supports encrypting and decrypting a web stream as well which you could use.

d-z-m|1 year ago

Ideally I would not have to trust the signalling server to ensure I'm transferring files to who I think I am[0]. Not as much of a knock against your project as a knock against webRTC in general.

[0]: https://webrtchacks.com/webrtc-and-man-in-the-middle-attacks...

stevenicr|1 year ago

Has anyone considered a passphrase that splits into three words, where the middle server can decrypt one word and deliver a word and get a response then provide the whole phrase three words to prove it is the messenger that Bob sent?

Or something like that?