• taanegl@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    7 months ago

    Public-private key signing, using up to date cryptography. That’s it. It’s also “quantum safe”, because all cryptography used by the public goes through peer review processes.

    Microsoft as well as Meta have contracted Whisper Systems, but there’s no way of guaranteeing that the signing process is functionally working or if it’s been broken. If it’s run server side, you have no clue. If it’s run client side, there’s still a question if the process hasn’t been tampered with in some way.

    Remember: there is no such thing as cryptography with a backdoor. At that point, it’s just a secrets system.