Why? Being selective with relays (which allow expiration), it could be a good enough way to have that functionality. The only problem is "leaks" and post-compromise security. Which is possible with expiration and key rotation?


Vitor Pamplona
Can the chosen relay link IP-ephemeral identities and start putting a sequence of messages together? Can't they just see when the group id has changed and link the two? I am not doubting MLS, but I have seen too many people claim privacy until I run their server and start logging down everything every connection does to locate, track and identify each participant. If the relay can do it, they can either sell that info for profit OR be required by court order to track and identify users. If they can do it, they will do it. That's why I am using Tor when connecting to DM relays. Every app session is a new Tor exit node. Relays can't know where each message is coming from. It's the only way I found to keep things private.

There are always going to be tradeoffs. I can easily see a shared key shared through gift wrap DMs be a good enough use case for something like, say, regular "Instagram stories"; it is good enough privacy of content. Privacy of metadata is also very hard to crack in this case, but still maybe doable with chain analysis kind of stuff. So... should you sell drugs with something like this? Probably not. Could you share fun food pics on your stories with your friends that you don't want to tell the whole world about? Yes.