|
|
|
|
|
|
by segf4ult
1613 days ago
|
|
|
This has a number of advantages over GPG. In general, it provides better default security without having to fumble to pick the right options with GPG. For example: In order to get sender authentication in GPG, you have to sign the message. GPG doesn't do this by default when encrypting a message, but you can choose to add a signature. But even if you do sign the message, GPG provides non-repudiation which means that you can no longer deny that you sent the message. Kestrel provides sender authentication while preserving deniability. There are a number of other strong security guarantees that are provided by Kestrel's use of the noise protocol. There is more info on some of those properties here [1] [1]: https://getkestrel.com/docs/security-information.html |
|
|