11 posts tagged with "encryption"

What if one lock on your door isn't enough? What if an attacker could pick that single lock and access everything? In the world of encryption, we face a similar challenge: single-layer encryption creates a single point of failure. When that one algorithm is broken—whether by a quantum computer, a newly discovered vulnerability, or a key compromise—your data is exposed.

Cascading ciphers solve this problem by layering multiple encryption algorithms together, like Russian nesting dolls or a castle with moats, walls, and guards. Each layer provides independent protection. Break one, and the others still stand. In this article, we'll explore how cascading ciphers work, why they matter, and when to use them—without getting lost in implementation details.

⚠️ NOTE: This document and related project is not finished. The details in this document are subject to change.

What if you could combine multiple encryption algorithms like layers of an onion, where each layer provides independent protection? What if breaking one encryption layer still left your data protected by two or three more?

In this article, we'll explore how to build a cascading cipher system that chains multiple encryption algorithms together for defense-in-depth security. We'll walk through a browser-based JavaScript implementation that combines MLS (Message Layer Security), Signal Protocol's Double Ratchet, Diffie-Hellman key exchange, and AES-GCM encryption—all working together to create a robust, multi-layered encryption solution.

Building on the functional web components framework we've been developing in this series, today we're tackling one of the most powerful capabilities modern browsers offer: file system access. The useFS hook brings unified file storage to dim, bridging the File System Access API and Origin Private File System (OPFS) with optional encryption—all wrapped in a clean, functional interface.

Have you ever wondered how to protect your data from future quantum computers? What if I told you there's a way to encrypt messages that even quantum computers can't break?

In this beginner-friendly tutorial, we'll explore ML-KEM (Module-Lattice Key Encapsulation Mechanism), a quantum-resistant encryption algorithm that's becoming the new standard for secure communication. By the end of this guide, you'll understand what ML-KEM is, how it works, and how to use it in your own applications.

⚠️ WARNING: This document is not finished. The details in this document are subject to change.

End-to-end encrypted messaging for two people is a solved problem—Signal Protocol has set the gold standard. But what happens when you want to scale that security to group chats with dozens or hundreds of participants? Traditional pairwise encryption becomes a nightmare: N participants require N(N-1)/2 encrypted channels, each with its own key management overhead.

Enter MLS (Message Layer Security), the IETF's RFC 9420 standard designed specifically for scalable group messaging. MLS provides the same strong security guarantees as Signal Protocol—forward secrecy, post-compromise security, authentication—but does so efficiently for groups of any size.

In this article, we'll explore how MLS works, why it's a game-changer for group messaging, and walk through a complete browser-based implementation using the ts-mls library. We'll cover everything from the TreeKEM algorithm to practical P2P integration with WebRTC.

We are excited to announce a transformative new feature in our app: Decentralized PeertoPeer (P2P) Video and Chat in Virtual Reality—directly within your browser as a web chat app. This feature represents a significant leap forward in enabling secure, immersive, and interactive communication experiences to let you chat instantly with anyone, anywhere.

This post serves as a technical update and roadmap for the P2P messaging project. Rather than promoting the project, I want to clearly explain how it works, what's currently implemented, what's in progress, and what's planned for the future. Cybersecurity is a constantly evolving field and no system can be completely secure. I've created an exhaustive list of features and practices that help make the messaging app as secure as possible.

⚠️ WARNING: This document is not finished. The details in this document are subject to change.

The Signal Protocol has become the gold standard for end-to-end encrypted messaging, powering applications like WhatsApp, Signal, and Facebook Messenger. But what happens when you want to implement the same level of security in a truly peer-to-peer environment—one without centralized servers managing pre-keys and message routing?

In this article, we'll explore how to adapt the Signal Protocol's X3DH (Extended Triple Diffie-Hellman) key agreement and Double Ratchet algorithm for direct peer-to-peer communication over WebRTC. We'll discuss the challenges unique to P2P environments, propose practical solutions, and walk through a browser-based JavaScript implementation that maintains the security guarantees of the original protocol.

We're excited to announce that our P2P messaging application now supports quantum-resistant encryption using ML-KEM (CRYSTALS-Kyber), a NIST-standardized post-quantum key encapsulation mechanism. This addition brings quantum-resistant security to our cascading cipher system, providing protection against future quantum computing attacks.

In digital communication, security and privacy are the major initials. Our latest project—a chat application built with JavaScript—aims to provide a robust communication platform fortified with industry-grade encryption. While we aspire to offer one of the most secure chat experiences available, declaring it "the most secure chat app in the world" might be premature. This article delves into the technology behind our app, current security measures, and the remaining challenges. We also welcome feedback to help refine our approach.