We discuss, and struggle to pronounce, the difficulties in deploying HTTP public key pinning & some possible alternatives you should consider. Then we get excited for (n+1)sec, a new protocol for distributed multiparty chat encryption & explore the nuances of setting up home VPN gateway!

RSS Feeds:

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:


Show Notes:

Using VPN for all WAN traffic

  • “I have a server with 2 1GB NICs, an un-managed switch, and a single gateway. Ideally, I would like WAN traffic routed through a PIA VPN
    using openVPN, and LAN traffic to be routed locally without a VPN.”

  • Unmanaged switch isn’t ideal, but it’s far from bad.

  • Assuming the server will act as firewall / gateway

  • NIC #1 to router/modem, NIC #2 to switch with a static IP (say

  • run a DHCP server on there, handing out as the default gateway, DNS as you see fit

  • everything from LAN will go out via NIC #2 of server

  • server connects to VPN provider via OpenVPN. There are options on to set the default gateway. This is the gateway which the server will use. All traffic leaving your network will go out to that destination.

  • Not having used PIA, but I’ll guess you want your OpenVPN connection to accept their configuration settings (dns, etc) and use that on your server while it is running OpenVPN.

A Protocol For Distributed Multiparty Chat Encryption

  • review by nccgroup.

  • The protocol has the following security properties for group messaging:

  • Confidentiality: the conversation is not readable to an outsider

  • Forward secrecy: conversation history remains unreadable to an outsider even if participants’ encryption keys are compromised
  • Deniable authentication: Nobody can prove your participation in a chat
  • Authorship: A message recipient can be assured of the sender’s authenticity even if other participants in the room try to impersonate the sender
  • Room consistency: Group chat participants are confident that they are in the same room
  • Transcript consistency: Group chat participants are confident that they are seeing the same sequence of messages

I’m giving up on HPKP


Round Up:

Question? Comments? Contact us here!