GNUnet Messenger API: November 2025

Hey again,

this month a few changes in GNUnet rolled out that would rename keys from its identity service to make clear they are blindable asymmetric keys. So I updated libgnunetchat to keep building against it. Additionally it was suggested that services like the messenger service in GNUnet should stop using those keys for HPKE (hybrid public key encryption) directly by deriving a keypair from the identity key. Instead it should use a separate key pair only for HPKE but signed by this blindable identity key.

The advantage is pretty obvious. The least a keypair is reused for encryption purposes, the lower is the chance to reverse engineer the private key using samples of such encryption. The disadvantage is that such separate keys need to be stored additionally, exchanged between multiple devices by the receiver to decrypt private messages. So in simple terms: It makes everything a bit less efficient and more complex.

But since I’d already implemented storing symmetric keys for the forward secrecy in the messenger service, it seemed reasonable to approach this change. So I implemented the necessary changes which break protocol but since the service is still in heavy development, that’s nothing unexpected at the moment.

Everything works like this now: Once a user enters a chat or replaces their identity key, they will publish two public keys. The first one is from their identity key pair. The second one is from the new HPKE key pair, only intended for private encrypted messages (like invitations to other chat rooms for example). The second key might change more frequently than the first one.

The implementation does not enforce a specific encryption algorithm, similar as with the identity keys but currently only X25519 keys are supported for HPKE in GNUnet. The changes are not fully merged upstream yet because I’m still thinking about how to encrypt those key pairs locally in storage. Technically it should be fine to encrypt them using a derived secret from the identity key. But having an independent secret would increase security further in case of an attacker optaining the private identity key. So such an attack would only risk temporal identity theft but not providing the attacker access to private messages.

The reason why I’m still hesistant adding an independent secret (for example a user selected password) for securing against such attacks is that it should be really unlikely if the attacker has no direct access to the victims device (physically or remotely) in which case the attacker would likely be able to log keys or socially engineer gaining access to the required secret anyway. At the same time entering passwords every time you launch an application is quite annoying and I would consider annoyance to be a big risk as well. Since how does an application protect your messages if people won’t use it?

Which is exactly why I’m considering the usage of libsecret to store the secret for the messenger applications later on. But that would require more changes in libgnunetchat and the client side of the messenger service. However I don’t have a ton of free time until January. So I assume you will read about it first next year. Until then I wish you happy hollidays!

Kind regards,
Jacki

Read original article

Popular posts from this blog

GNUnet Messenger API: July 2025

Image
Hi there, unfortunately I didn’t make it to write a blog post last month. I was quite busy closing open ends of other projects while there were quite some bugs and issues to be solved in the Messenger service of GNUnet . On the bright side this means I have a lot to talk about this month. Most critical issues could be solved already, test cases of libgnunetchat pass again with all latest changes and the end-to-end encrypted chats seem to work as intended. I am still encountering some issues that messages do not get received immediately from chats or the chats can behave somewhat inconsistent. However it’s likely some condition caused by parallel events or a very specific order of events that’s difficult to reproduce. But these issues only seem to appear on reopening old chats from a previous session. The current sessions simply seem to work properly. Invitations do now respond to input feedback all the time and chat types get visualized depending on actual bits in a chat room’s key....
Read more

GNUnet Messenger API: March

Image
Hi again, Last time I had big hopes to make enough progress for a first release. But I think I’m gonna delay that a bit (maybe still this month but we will see) even though I could actually complete the things, I anticipated. However here is finally the long promised video of it running on the Pinephone Pro because there’s still much to show. The back-end of the messenger-gtk application called libgnunetchat now uses the GNUnet Name Store service to manage your chats instead of using a local directory and some configuration files for each chat as before. This means that it is now possible to start the application from any directory and it will properly sync the chats depending on the account/identity selected. Next big feature is that it is possible to generate so called lobbies. Lobbies are empty chat rooms which will be shared in form of a GNS record under a newly generated zone instead of your own identity zone. This has multiple reasons: Technically your own key could ...
Read more

GNUnet Messenger API: September 2025

Hey, a few days ago GNUnet 0.25.0 got released with the latest changes to the CORE layer and containing the new PILS service reducing the risk of being tracked while using GNUnet over a wider area. The MESSENGER service might still have some issues working properly with these changes but I will let you know here when I implemented necessary changes to utilize the new PILS service. This will be necessary because the MESSENGER service actually requires to track peers collaborating in message exchange to some degree. It won’t be necessary to link peer identities to individual chat room members. At the same time switching networks on abstract level like walking around with your mobile device or switching from physical connection to WiFi shouldn’t cause issues, message loss or heavy disconnections. So it will be fun to tackle this! However I’m very optimistic GNUnet is going in the right direction with all this work on its fundamental layers. There are still issues underlying in the TR...
Read more