[HN Gopher] SecureDrop Protocol
       ___________________________________________________________________
        
       SecureDrop Protocol
        
       Author : Zezima
       Score  : 146 points
       Date   : 2024-05-07 15:12 UTC (7 hours ago)
        
 (HTM) web link (securedrop.org)
 (TXT) w3m dump (securedrop.org)
        
       | blamestross wrote:
       | I'm not convinced requirements 3 and 4 are actually needed.
       | 
       | 3) make internal state not useful to the attacker.
       | 
       | 4) assuming the ciphertexts won't leak seems silly. Might as well
       | hand them out.
       | 
       | Which leads to what they call "trial decryption" to be a better
       | solution. If you are that worried about the scalability of your
       | whistleblower protocol at that level, we are trying to solve the
       | wrong problem.
        
         | blamestross wrote:
         | Bitmessage solved this problem a while ago. This just adds
         | extra centralization.
        
           | irq-1 wrote:
           | From the Bitmessage website https://wiki.bitmessage.org/
           | 
           | > Security audit needed
           | 
           | > Bitmessage is in need of an independent audit to verify its
           | security. If you are a researcher capable of reviewing the
           | source code, please email the lead developer. You will be
           | helping to create a great privacy option for people
           | everywhere!
        
       | GalaxyNova wrote:
       | This would be very useful for Boeing engineers.
        
       ___________________________________________________________________
       (page generated 2024-05-07 23:00 UTC)