I am developing end-to-end encrypted chat system (which is open-source). When I want to give other client my public key, I need to send it trough server, right? I want to make sure no one can edit the server source code so they can read the communication.
I came up with idea that server can take the public key from Client1, then pass Server's own public key to Client2. When Client2 encrypts something, he sends it back to Server. Then Server decrypts it using his private key, encrypts the decrypted message with Client1's public key and sends it back to Client1. Now, both clients think the communication went well, but server also secretly read the message... Same goes with diffie-hellman.
What method is used to solve this problem? I am sorry if it is obvious but I am really trying to solve this for past two weeks and I haven't came up with anything..
Asked
Active
Viewed 38 times
0
ENGO_150
- 1