Hi @diorwave
I'm interested in contributing a post-quantum security upgrade to cmd-chat. It currently uses SRP + AES-128, which are vulnerable to attacks from quantum computers.
Proposed changes:
Replace SRP with ML-KEM (post-quantum key encapsulation)
Upgrade AES-128 to AES-256
This maintains the overall architecture and zero-knowledge properties
Benefits:
Future-proofing against quantum threats
ML-KEM has minimal performance impact (roughly 10 to 50ms per connection)
Aligns with emerging cryptography standards (NIST post-quantum standardization)
Tradeoffs:
Adds dependency on liboqs-python
Key sizes increase slightly (roughly 1KB per connection)
Would require testing
Would you be open to a pull request with this change? I'm happy to implement it if you're interested.
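Added example (not cmd-chat's code and not part of the comment above): the key-establishment path the proposal sketches, written in Go against the standard library's crypto/mlkem and crypto/hkdf (Go 1.24 or later) rather than liboqs-python. It runs ML-KEM-768 encapsulation, derives a 32-byte AES-256 key with HKDF-SHA256 bound to the handshake transcript, and protects a message with AES-256-GCM. The Responder/Initiate naming, the HKDF info label and the AAD string are assumptions for illustration. It covers key establishment and encryption only; it does not reproduce the password authentication SRP provides, which a KEM on its own does not give. It also shows one behaviour worth knowing before swapping in ML-KEM: a tampered KEM ciphertext is not rejected at decapsulation (implicit rejection yields a different key), so the failure only surfaces when the first AEAD tag fails to verify.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hkdf"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// hkdfInfo and aad are assumed labels for this example, not cmd-chat's real protocol strings.
const hkdfInfo = "cmd-chat-example/ML-KEM-768/AES-256-GCM"

var aad = []byte("chat/v1")

// deriveKey turns the 32-byte ML-KEM shared secret into a 32-byte AES-256 key.
// The salt is the handshake transcript (encapsulation key || KEM ciphertext),
// so the derived key is bound to exactly this exchange.
func deriveKey(shared, ekBytes, ct []byte) ([]byte, error) {
	transcript := append(append([]byte{}, ekBytes...), ct...)
	return hkdf.Key(sha256.New, shared, transcript, hkdfInfo, 32)
}

// Responder publishes an encapsulation key (the server role in this example).
type Responder struct{ dk *mlkem.DecapsulationKey768 }

func NewResponder() (*Responder, error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, err
	}
	return &Responder{dk: dk}, nil
}

// PublicKey is the 1184-byte ML-KEM-768 encapsulation key sent to the initiator.
func (r *Responder) PublicKey() []byte { return r.dk.EncapsulationKey().Bytes() }

// Initiate runs on the client: encapsulate to the responder's public key and
// derive the session key. It returns the 1088-byte KEM ciphertext to send back.
func Initiate(ekBytes []byte) (ct, key []byte, err error) {
	ek, err := mlkem.NewEncapsulationKey768(ekBytes)
	if err != nil {
		return nil, nil, err
	}
	shared, ct := ek.Encapsulate()
	key, err = deriveKey(shared, ekBytes, ct)
	return ct, key, err
}

// Accept runs on the responder: decapsulate and derive the same session key.
// Decapsulate only errors on a malformed length; a bit-flipped ciphertext
// silently yields a different shared secret (implicit rejection).
func (r *Responder) Accept(ct []byte) ([]byte, error) {
	shared, err := r.dk.Decapsulate(ct)
	if err != nil {
		return nil, err
	}
	return deriveKey(shared, r.PublicKey(), ct)
}

// newGCM builds AES-256-GCM; the 32-byte key is what selects AES-256.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts under a fresh random 96-bit nonce, prepended to the output.
func Seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Open reverses Seal and fails on any tampering or key mismatch.
func Open(key, box []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(box) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return gcm.Open(nil, box[:gcm.NonceSize()], box[gcm.NonceSize():], aad)
}

// Handshake runs one full exchange and returns the plaintext the responder
// recovers. With tamper set, one bit of the KEM ciphertext is flipped in
// transit; the keys then differ and Open is where the error appears.
func Handshake(msg string, tamper bool) (string, error) {
	srv, err := NewResponder()
	if err != nil {
		return "", err
	}
	ct, clientKey, err := Initiate(srv.PublicKey())
	if err != nil {
		return "", err
	}
	if tamper {
		ct[0] ^= 0x01
	}
	serverKey, err := srv.Accept(ct)
	if err != nil {
		return "", err
	}
	box, err := Seal(clientKey, []byte(msg))
	if err != nil {
		return "", err
	}
	pt, err := Open(serverKey, box)
	return string(pt), err
}

func main() {
	got, err := Handshake("hello from the initiator", false)
	fmt.Println(got, err)
	_, err = Handshake("hello", true)
	fmt.Println("tampered KEM ciphertext rejected at AEAD open:", err != nil)
}
```

Sizes per connection with this construction: 1184 bytes for the encapsulation key one way and 1088 bytes for the KEM ciphertext the other way, plus a 12-byte nonce and 16-byte tag per message.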