I'm currently creating an e2ee framework for securing webapps in regard with data breaches. One of the components is a secure transfer of the key material out of the browser into a smartphone with secure storage. To this end i have devised a short-authenticaiton-string based cryptographic protocol and proven it secure (you can find more about it here https://whitenoise.systems/blog/eprint-2025-1598/).
Then i thought that maybe this protocol is usable in a more broad context and identified that the current e2ee file-transfer solutions sleep on PQC and sometimes even on proper e2ee protocol design. So i implemented the key transfer as a rather general file-transfer tool and created some NPM packages that modularize the funcitonalitites for re-usability (https://whitenoise.systems/tools/)
Would like to hear some usage feedback and ux feedback on the short-authentication-string approach. I hope to find the time to develop an actual webapp for this transfer in the future. But most likely the webapp will be based rather on PAKEs, because the PAKE concept UX just works better in asynchronous settings.
Kind regards,
Wasilij Beskorovajnov
White Noise Systems
Hey all,
I'm currently creating an e2ee framework for securing webapps in regard with data breaches. One of the components is a secure transfer of the key material out of the browser into a smartphone with secure storage. To this end i have devised a short-authenticaiton-string based cryptographic protocol and proven it secure (you can find more about it here https://whitenoise.systems/blog/eprint-2025-1598/).
Then i thought that maybe this protocol is usable in a more broad context and identified that the current e2ee file-transfer solutions sleep on PQC and sometimes even on proper e2ee protocol design. So i implemented the key transfer as a rather general file-transfer tool and created some NPM packages that modularize the funcitonalitites for re-usability (https://whitenoise.systems/tools/)
Would like to hear some usage feedback and ux feedback on the short-authentication-string approach. I hope to find the time to develop an actual webapp for this transfer in the future. But most likely the webapp will be based rather on PAKEs, because the PAKE concept UX just works better in asynchronous settings.
Kind regards, Wasilij Beskorovajnov White Noise Systems