DEV Community

Discussion on: End-to-End Encrypted Chat with the Web Crypto API

Collapse
yoursunny profile image
Junxiao Shi

I see you are using ECDH shared secret as AES key. This is not advisable because the shared secret could have bias. It needs to pass through HKDF step.

Also, P-256 can only provide 128-bit strength, so that you should be using AES-128, not AES-256.

Collapse
cardoso profile image
Matheus Cardoso Author

Thank you! I'll try improving this part as well