Security News
PyPI Now Supports iOS and Android Wheels for Mobile Python Development
PyPI now supports iOS and Android wheels, making it easier for Python developers to distribute mobile packages.
By Sarah Gooding - Feb 12, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@coast-team/mute-crypto
Advanced tools
@coast-team/mute-crypto
Algorithm generating a cryptographic key for MUTE collaborative session
Mute-Crypto
This library implements the conference key distribution system designed by Burmester and Desmedt[1].
Purpose
To secure the communications in the peer-to-peer collaborative editor Mute it is fundamental to implement an end-to-end encryption system. The main characteristic of this kind of system is that the secret key (used to encrypt the communications) must only be known to the communicating parties (i.e. no server/intermediary must have access to the keys). It is also essential that the secret keys must not be communicated through the network but rather negotiated. This goal is achieved by a protocol that allow the parties to compute the same key without ever send it through the network (even by out-of-band channel). One of these is the Diffie-Hellman Key exchange protocol. Mute-Crypto implements an n-party Diffie-Hellman key exchange generalization of this protocol.
Technical aspects
- The cryptographic primitives are provided by Mute-Crypto-Helper.
- There is a rekeying each time a member join or leave the session.
[1]: A Secure and Efficient Conference Key Distribution System
Keywords
FAQs
Algorithm generating a cryptographic key for MUTE collaborative session
The npm package @coast-team/mute-crypto receives a total of 12 weekly downloads. As such, @coast-team/mute-crypto popularity was classified as not popular.
We found that @coast-team/mute-crypto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 29 Mar 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Create React App Officially Deprecated Amid React 19 Compatibility Issues
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.
By Sarah Gooding - Feb 11, 2025
Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025