You can read about the key exchange here. "Prekeys" are an extremely clever idea... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jlund on Feb 24, 2014 \| parent \| context \| favorite \| on: The New TextSecure: Privacy Beyond SMS You can read about the key exchange here. "Prekeys" are an extremely clever idea: https://whispersystems.org/blog/asynchronous-security/ Fingerprint verification protects against MITM attacks. The application provides a nice interface where two users can scan a QR code to easily compare fingerprints. A hexadecimal fingerprint is also readily accessible.

acqq on Feb 24, 2014 [–]

It looks that the prekeys are stored on a server. How is the existence of the prekeys on the server (which can be compromised) not an issue?

robryk on Feb 25, 2014 | [–]

Prekeys are prerecorded responses to connection initiation: in the alternative world with no prekeys this is what you'd get when you've opened a connection.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact