Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
Meet DAVE: Discord’s New End-to-End Encryption for Audio & Video
Discord - Stephen BirardaPosted 11 Months Ago- Discord created a new end to end encryption protocol they call DAVE. This will be used on DMs, group DMs, voice channels and live streams on Discord in the future.
- For key exchange, they use the Messaging Layer Security protocol. This protocol allows having a per sender encryption key for all members of a group. Whenever a member of the group leaves or joins, the key exchange must be done again to prevent some attacks, which is well-thought out.
- For identity and user verification, they use the MLS ciphersuite with ECDSA signatures. Each participant generates an identity key pair and shares this with other members on the call. Each device generates a private key so no synchronization isn't needed between devices. These are ephemeral and re-generated for each call.
- I love reading articles from big companies about security best practices. Since these companies have the money and time to put effort into it, the needle can really be moved with the effort!
