HackerNews中文版HackerNews CN
GitHubTwitter

请问HN:messenger.com备份的端到端加密消息的威胁模型

1作者: leni5363 个月前原帖
messenger.com 正在推出对端到端加密(E2EE)消息的备份功能。用户需要设置一个6位数字的PIN码,以便在全新的浏览器或设备上恢复备份的消息。 这个熵值感觉太低了,我想了解它是如何设计的,以确保Meta无法通过暴力破解的方式在他们的端读取备份的消息。
查看原文
messenger.com is rolling out backup for e2ee messages. They require the user to set a 6-digit PIN to recover backed up messages on a brand new browser&#x2F;device.<p>This amount of entropy feels way too low, and I would like to understand how it is designed so that Meta can&#x27;t brute force the 6 digit PIN on their end to read the backed up messages.