The blog post introduces the SecureDrop Protocol, a proposed end-to-end encryption protocol for a future version of the SecureDrop whistleblowing system. It discusses the core properties of the protocol, including no accounts or user authentication, no message flow metadata, and no externally-observable server state. The post compares the SecureDrop Protocol with other messaging protocols and provides details on its message retrieval mechanism and encryption properties. It also mentions the need for post-quantum security assessment and invites feedback from the security and cryptography community.
Sort: