mirror of
https://github.com/rustdesk/rustdesk.git
synced 2026-03-02 19:26:56 -05:00
Questions about encryption #50
Originally created by @lrq3000 on GitHub (Jun 6, 2021).
Hello,
First off, I would like to thank you for sharing your work as open source. I have only recently discovered your great work and got some glimpses of the controversy surrounding the choice of going closed source for the fully-featured server. Although I certainly would wish that it would be open-sourced too, I am grateful that you already put effort into providing a minimal server demo that can be used for self-hosting, and being an open-source developer myself, I can completely understand your choice to make this project a viable source of income to fund future maintenance and development; it's ultimately your time and your choice. You've made great software that I would certainly recommend as an alternative to commercial (and completely closed source) alternatives such as TeamViewer, so you have all the rights to choose how you want to license your work.
That said, one thing that could extinguish all concerns would be the implementation of cryptographically secure encryption, so that the servers can't decrypt the content of communications between the clients and agents. There are lots of libraries available nowadays to implement that easily and effortlessly. This wouldn't impair your intended business model at all, and in fact it can improve it by providing some additional guarantees. I read in your privacy policy that you are very mindful about minimizing data collection and usage, which is very honorable, but a technical guarantee would be even better. This could also potentially allow listing your software among privacy-aware software.
TL;DR: do you have any plan of implementing encryption in the future?
@rustdesk commented on GitHub (Jun 6, 2021):
https://github.com/rustdesk/rustdesk/blob/master/src/server.rs#L90
https://github.com/rustdesk/rustdesk/blob/master/src/client.rs#L281
@lrq3000 commented on GitHub (Jun 6, 2021):
Thank you very much for referencing the pertinent source code lines, I appreciate it.
If I understand correctly, there is a secure connection from the clients/agents to the server. Hence, is the server decrypting the data received from the clients/agents before dispatching it to the other side (e.g., agent -> server -> client) or is the data only decryptable by the clients/agents (i.e., end-to-end encryption)? Also, could you please clarify what the hash function and bits used by default are?
@rustdesk commented on GitHub (Jun 6, 2021):
The server does nothing. For more details, please check my source code or https://crates.io/crates/sodiumoxide
@lrq3000 commented on GitHub (Jun 6, 2021):
Ahhhh what you call "server" in the source code here is the agent, not the relay server, which is a separate repository (the server demo etc). So it's end-to-end encrypted, that's awesome!
NaCl is an awesome choice! Could you please clarify what hashing function is used? I'm neither a Rust nor a NaCl dev, just a privacy hobbyist :-)
@rustdesk commented on GitHub (Jun 6, 2021):
Yes, I meant relay server, not https://github.com/rustdesk/rustdesk/blob/master/src/server.rs
@rustdesk commented on GitHub (Jun 6, 2021):
crypto_sign_ed25519 for signature creation and verification
crypto_box_curve25519xsalsa20poly1305 for asymmetric cryptography
crypto_secretbox_xsalsa20poly1305 for symmetric cryptography
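The three roles listed above (signature, asymmetric key agreement, symmetric encryption) can be combined so that a relay only ever forwards ciphertext. The following is an added example, not part of the original thread and not RustDesk's code or protocol: the handshake and all function names are hypothetical, and because Node's built-in crypto has no XSalsa20, ChaCha20-Poly1305 stands in for the secretbox cipher.

```javascript
// Added illustration; hypothetical handshake, not RustDesk's protocol.
// ChaCha20-Poly1305 stands in for XSalsa20-Poly1305 (not in Node's crypto).
const nodeCrypto = require('node:crypto');

// Long-term Ed25519 identity key (the role of crypto_sign_ed25519).
function newIdentity() { return nodeCrypto.generateKeyPairSync('ed25519'); }

// Per-session X25519 key, signed by the identity key so that a relay
// substituting its own key is detected by the peer.
function signedHello(identity) {
  const eph = nodeCrypto.generateKeyPairSync('x25519');
  const pub = eph.publicKey.export({ type: 'spki', format: 'der' });
  return { eph, hello: { pub, sig: nodeCrypto.sign(null, pub, identity.privateKey) } };
}

// Verify the peer's hello against its known identity key, then derive the session key.
function sessionKey(myEph, peerHello, peerIdentityPub) {
  if (!nodeCrypto.verify(null, peerHello.pub, peerIdentityPub, peerHello.sig))
    throw new Error('hello signature invalid');
  const peerPub = nodeCrypto.createPublicKey({ key: peerHello.pub, type: 'spki', format: 'der' });
  const shared = nodeCrypto.diffieHellman({ privateKey: myEph.privateKey, publicKey: peerPub });
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'e2e-demo', 32));
}

// Authenticated encryption of one frame: nonce || tag || ciphertext.
function seal(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}

function open(key, frame) {
  const d = nodeCrypto.createDecipheriv('chacha20-poly1305', key, frame.subarray(0, 12), { authTagLength: 16 });
  d.setAuthTag(frame.subarray(12, 28));
  return Buffer.concat([d.update(frame.subarray(28)), d.final()]); // throws if tampered
}

// The relay only copies bytes; it never holds a session key.
const relay = (frame) => Buffer.from(frame);

function demo() {
  const agentId = newIdentity(), clientId = newIdentity();
  const a = signedHello(agentId), c = signedHello(clientId);
  const kAgent = sessionKey(a.eph, c.hello, clientId.publicKey);
  const kClient = sessionKey(c.eph, a.hello, agentId.publicKey);
  const frame = relay(seal(kAgent, Buffer.from('screen frame 1'))); // constructed sample payload
  return { kAgent, kClient, frame, text: open(kClient, frame).toString() };
}
```

The end-to-end property holds only if each side checks the peer's identity key through a channel the relay does not control; how RustDesk distributes those keys is not stated in this thread.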
@lrq3000 commented on GitHub (Jun 6, 2021):
Awesome!!! Thank you VERY much for your clarifications!
I would suggest adding to your website that the communications are end-to-end encrypted between the agents and clients, that's a great asset!
Have a great day and thank you very much for your work!
@lrq3000 commented on GitHub (Jun 6, 2021):
PS: Could you please add another non-recurring donation link (besides GitHub Sponsor, there's PayPal, Open Collective, crypto, etc.)? I can't afford to have recurring donations but I'd like to send you a small donation as a token of my appreciation for your work :-)
@rustdesk commented on GitHub (Jun 6, 2021):
I will
@rustdesk commented on GitHub (Jun 6, 2021):
Thanks for your reminder.
@rustdesk commented on GitHub (Jun 7, 2021):
@lrq3000 commented on GitHub (Jun 7, 2021):
Done! Thank you very much! :D
@rustdesk commented on GitHub (Apr 18, 2023):
https://github.com/rustdesk/rustdesk/discussions/2239