I read the source code and this is a hobby-project that you could write in an afternoon with no knowledge of cryptographic protocols.
There are dozens of obvious deficiencies even to me and I am no expert in cryptography. An easy example to point out is that there is no input validation and no error checking or exception handling. Both the client and server just assume that the other side is a well-behaving correct implementation.
The author should not be posting this around as if it’s a serious tool for people to use. If anything it’s a starting point for OP to get advice from experts on how real systems do this properly. I’d recommend that the author spends a LOT of time reading before doing. There are numerous design documents of real systems and protocols, and some good comprehensive books too.
From what I can tell, this is the only stuff this lemmy account is posting. Tons of “weekend projects” making grand claims about security and privacy. Usually posted the same day the github project is created, no less.
I read the source code and this is a hobby-project that you could write in an afternoon with no knowledge of cryptographic protocols.
There are dozens of obvious deficiencies even to me and I am no expert in cryptography. An easy example to point out is that there is no input validation and no error checking or exception handling. Both the client and server just assume that the other side is a well-behaving correct implementation.
The author should not be posting this around as if it’s a serious tool for people to use. If anything it’s a starting point for OP to get advice from experts on how real systems do this properly. I’d recommend that the author spends a LOT of time reading before doing. There are numerous design documents of real systems and protocols, and some good comprehensive books too.
From what I can tell, this is the only stuff this lemmy account is posting. Tons of “weekend projects” making grand claims about security and privacy. Usually posted the same day the github project is created, no less.