implementing-end-to-end-encryption-for-messaging
End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary (including the server) able to decrypt them. This skill implements a simplified version
Best use case
implementing-end-to-end-encryption-for-messaging is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Teams using implementing-end-to-end-encryption-for-messaging should expect more consistent output, faster repeated execution, and less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in .claude/skills/implementing-end-to-end-encryption-for-messaging/SKILL.md inside your project
- Restart your AI agent — it will auto-discover the skill
How implementing-end-to-end-encryption-for-messaging Compares
| Feature / Agent | implementing-end-to-end-encryption-for-messaging | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary (including the server) able to decrypt them. This skill implements a simplified version
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Implementing End-to-End Encryption for Messaging

## Overview

End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary (including the server) able to decrypt them. This skill implements a simplified version of the Signal Protocol's Double Ratchet algorithm, using X25519 for key exchange, HKDF for key derivation, and AES-256-GCM for message encryption.

## Objectives

- Implement X25519 Diffie-Hellman key exchange for session establishment
- Build the Double Ratchet key management algorithm
- Encrypt and decrypt messages with per-message keys
- Implement forward secrecy (compromise of current key does not reveal past messages)
- Handle out-of-order message delivery
- Implement key agreement using X3DH (Extended Triple Diffie-Hellman)

## Key Concepts

### Signal Protocol Components

| Component | Purpose | Algorithm |
|-----------|---------|-----------|
| X3DH | Initial key agreement | X25519 |
| Double Ratchet | Ongoing key management | X25519 + HKDF + AES-GCM |
| Sending Chain | Per-message encryption keys | HMAC-SHA256 chain |
| Receiving Chain | Per-message decryption keys | HMAC-SHA256 chain |
| Root Chain | Derives new chain keys on DH ratchet | HKDF |

### Forward Secrecy

Each message uses a unique encryption key derived from a ratcheting chain. After a key is used, it is deleted, ensuring that compromise of the current state does not reveal previously sent/received messages.

## Security Considerations

- Delete message keys immediately after decryption
- Implement message ordering and replay protection
- Use authenticated encryption (AES-GCM) for all messages
- Protect identity keys with device-level security
- Verify identity keys out-of-band (safety numbers)

## Validation Criteria

- [ ] X25519 key exchange produces shared secret
- [ ] Messages encrypt and decrypt correctly between two parties
- [ ] Different messages produce different ciphertexts
- [ ] Forward secrecy: old keys cannot decrypt new messages
- [ ] Out-of-order messages can be decrypted
- [ ] Tampered messages are rejected by authentication
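
The sending and receiving HMAC-SHA256 chains from the table above, with delete-after-use and out-of-order handling, as an added example that is not the skill's own code. It covers only the symmetric chain (no DH ratchet, no AES-GCM); the class names and `MAX_SKIP` are hypothetical, and the `0x01`/`0x02` HMAC inputs follow the constants recommended in the Double Ratchet specification.

```python
import hashlib
import hmac

MAX_SKIP = 32  # assumed cap on how far ahead a receiver will ratchet


def kdf_ck(chain_key):
    """One chain step: return (next_chain_key, message_key)."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    def __init__(self, chain_key):
        self._ck, self.n = chain_key, 0

    def next_key(self):
        """Return (message number, message key) and ratchet forward."""
        self._ck, mk = kdf_ck(self._ck)  # the old chain key is overwritten
        index, self.n = self.n, self.n + 1
        return index, mk


class ReceivingChain:
    def __init__(self, chain_key):
        self._ck, self.n = chain_key, 0
        self.skipped = {}  # message number -> key, for messages not yet seen

    def key_for(self, index):
        """Return the key for message `index` exactly once."""
        if index < self.n:
            # Late or replayed message: pop() deletes the key on use,
            # so a second attempt raises KeyError.
            return self.skipped.pop(index)
        if index - self.n > MAX_SKIP:
            raise ValueError("too many skipped messages")
        while self.n < index:  # cache keys for the gap before `index`
            self._ck, self.skipped[self.n] = kdf_ck(self._ck)
            self.n += 1
        self._ck, mk = kdf_ck(self._ck)
        self.n += 1
        return mk
```

Because HMAC is one-way, the chain key held after message *n* cannot be run backwards to recover the keys of messages before *n*; the only earlier keys still in memory are the ones parked in `skipped`, which is why that cache is bounded and emptied on use.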
Related Skills
implementing-tls
Configure TLS certificates and encryption for secure communications. Use when setting up HTTPS, securing service-to-service connections, implementing mutual TLS (mTLS), or debugging certificate issues.
implementing-e2e-testing
Master end-to-end testing with Playwright and Cypress to build reliable test suites that catch bugs, improve confidence, and enable fast deployment. Use when implementing E2E tests, debugging flaky tests, or establishing testing standards.
Implementing Features
Execute specification-driven implementation with automatic quality gates, multi-agent orchestration, and progress tracking. Use when building features from specs, fixing bugs with test coverage, or refactoring with validation.
implementing-aqua-security-for-container-scanning
Deploy Aqua Security's Trivy scanner to detect vulnerabilities, misconfigurations, secrets, and license issues in container images across CI/CD pipelines and registries.
implementing-search-filter
Implements search and filter interfaces for both frontend (React/TypeScript) and backend (Python) with debouncing, query management, and database integration. Use when adding search functionality, building filter UIs, implementing faceted search, or optimizing search performance.
Implementing Observability
Instrument the application with Logging, Metrics, and Tracing (OpenTelemetry) to understand system behavior and debug production issues.
implementing-error-handling
Master error handling patterns across languages including exceptions, Result types, error propagation, and graceful degradation to build resilient applications. Use when implementing error handling, designing APIs, or improving application reliability.
azure-messaging-webpubsubservice-py
Azure Web PubSub Service SDK for Python. Use for real-time messaging, WebSocket connections, and pub/sub patterns. Triggers: "azure-messaging-webpubsubservice", "WebPubSubServiceClient", "real-time",
azure-messaging-webpubsub-java
Build real-time web applications with Azure Web PubSub SDK for Java. Use when implementing WebSocket-based messaging, live updates, chat applications, or server-to-client push notifications.
implementing-android-code
This skill should be used when implementing Android code in Bitwarden. Covers critical patterns, gotchas, and anti-patterns unique to this codebase. Triggered by "How do I implement a ViewModel?", "Create a new screen", "Add navigation", "Write a repository", "BaseViewModel pattern", "State-Action-Event", "type-safe navigation", "@Serializable route", "SavedStateHandle persistence", "process death recovery", "handleAction", "sendAction", "Hilt module", "Repository pattern", "implementing a screen", "adding a data source", "handling navigation", "encrypted storage", "security patterns", "Clock injection", "DataState", or any questions about implementing features, screens, ViewModels, data sources, or navigation in the Bitwarden Android app.
implementing-rapid7-insightvm-for-scanning
Deploy and configure Rapid7 InsightVM Security Console and Scan Engines for authenticated and unauthenticated vulnerability scanning across enterprise environments.
implementing-navigation
Implements navigation patterns and routing for both frontend (React/TS) and backend (Python) including menus, tabs, breadcrumbs, client-side routing, and server-side route configuration. Use when building navigation systems or setting up routing.