Enhanced HKDF-based key derivation with improved security features
- Implemented proper RFC 5869 compliant HKDF key derivation process - Added Perfect Forward Secrecy (PFS) key for enhanced session security - Improved key separation using unique info parameters for each derived key - Enhanced salt size from 32 to 64 bytes for increased entropy - Added comprehensive key validation and error handling - Implemented proper ECDH + HKDF integration following Web Crypto API best practices - Added metadata encryption key for enhanced data protection - Improved compatibility with modern cryptographic standards (RFC 7748, NIST SP 800-56A) -Enhanced logging and debugging capabilities for cryptographic operations - Maintained backward compatibility while upgrading security infrastructure Security improvements: - Cryptographic isolation between different key purposes - Enhanced protection against cross-key attacks - Improved resistance to future key compromise scenarios - Better compliance with OWASP cryptographic storage guidelines Technical details: - Refactored deriveSharedKeys() method for proper HKDF implementation - Updated WebRTC manager to use new messageKey API - Added comprehensive error handling and validation - Improved browser compatibility with standardized cryptographic operations - This update strengthens the existing security foundation with modern cryptographic practices while maintaining full system compatibility.
This commit is contained in:
lockbitchat
@@ -1,5 +1,5 @@
|
||||
{
|
||||
"name": "SecureBit.chat v4.4.18 - ECDH + DTLS + SAS",
|
||||
"name": "SecureBit.chat v4.4.99 - ECDH + DTLS + SAS",
|
||||
"short_name": "SecureBit",
|
||||
"description": "P2P messenger with ECDH + DTLS + SAS security, military-grade cryptography and Lightning Network payments",
|
||||
"start_url": "./",
|
||||
|
||||
Reference in New Issue
Block a user