
Using AES-CBC with predictable IV under static key, and using SASs is not safe #2

Open
maqp opened this issue Sep 25, 2022 · 1 comment

Comments

@maqp
maqp commented Sep 25, 2022

Hi, nice to see another project working on data-diode isolated TCBs.

Line 915 of audioReceiver.py shows you're using a hard-coded and thus predictable IV. This is not safe since you're using the X25519 shared key repeatedly. Please see the explanation here for more information.

Also, you're using per-session short authentication strings that are not very secure. Please strongly consider the best practice of generating long-term ed25519 identity keys instead to sign and verify the per-session X25519 public values, and generate a 256-bit fingerprint of the ed25519 public (signature verification) key that the users verify once and mark as verified. You can combine the public keys for a symmetric fingerprint by sorting them lexicographically and taking the BLAKE2 hash of them. My recommendation is to use base-10 encoding for representing the fingerprint as human languages have evolved to communicate digits in a distinguishable way for obvious reasons.
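
The key-management scheme described above, as an added example that is not part of the original issue or of the project's code (it assumes the `cryptography` package is installed; the parties, keys and the `session-key` personalization string are constructed sample material):

```python
import hashlib
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519, x25519

RAW, PUB = serialization.Encoding.Raw, serialization.PublicFormat.Raw


def raw_pub(private_key) -> bytes:
    """32-byte raw encoding of the public half of an Ed25519 or X25519 key."""
    return private_key.public_key().public_bytes(RAW, PUB)


def fingerprint(id_pub_a: bytes, id_pub_b: bytes, digest_size: int = 32) -> str:
    """Symmetric fingerprint: sort the two identity keys lexicographically, BLAKE2b-hash
    them, render the digest in base 10 (fixed width, zero-padded) and group in fives."""
    first, second = sorted((id_pub_a, id_pub_b))
    digest = hashlib.blake2b(first + second, digest_size=digest_size).digest()
    width = len(str(2 ** (8 * digest_size) - 1))
    digits = str(int.from_bytes(digest, "big")).zfill(width)
    return " ".join(digits[i:i + 5] for i in range(0, width, 5))


def start_session(identity_key: ed25519.Ed25519PrivateKey):
    """Fresh per-session X25519 key; its public value is signed by the identity key."""
    ephemeral = x25519.X25519PrivateKey.generate()
    ephemeral_pub = raw_pub(ephemeral)
    return ephemeral, ephemeral_pub, identity_key.sign(ephemeral_pub)


def session_key(my_ephemeral, peer_id_pub: bytes, peer_eph_pub: bytes, sig: bytes) -> bytes:
    """Verify the peer's ephemeral value under the pinned identity key before any DH
    (InvalidSignature propagates), then hash the X25519 output into a session key."""
    ed25519.Ed25519PublicKey.from_public_bytes(peer_id_pub).verify(sig, peer_eph_pub)
    shared = my_ephemeral.exchange(x25519.X25519PublicKey.from_public_bytes(peer_eph_pub))
    return hashlib.blake2b(shared, digest_size=32, person=b"session-key").digest()


def demo() -> tuple:
    """One session between two parties with pinned identity keys (constructed sample keys)."""
    alice_id, bob_id = ed25519.Ed25519PrivateKey.generate(), ed25519.Ed25519PrivateKey.generate()
    alice_id_pub, bob_id_pub = raw_pub(alice_id), raw_pub(bob_id)
    a_eph, a_eph_pub, a_sig = start_session(alice_id)
    b_eph, b_eph_pub, b_sig = start_session(bob_id)
    k_a = session_key(a_eph, bob_id_pub, b_eph_pub, b_sig)
    k_b = session_key(b_eph, alice_id_pub, a_eph_pub, a_sig)
    # An ephemeral value that Bob's identity key did not sign is rejected before any DH.
    rogue_pub = raw_pub(x25519.X25519PrivateKey.generate())
    try:
        session_key(a_eph, bob_id_pub, rogue_pub, b_sig)
        rejected = False
    except InvalidSignature:
        rejected = True
    return k_a == k_b, rejected, fingerprint(alice_id_pub, bob_id_pub)
```

Both sides compute the same 78-digit fingerprint regardless of which key is "theirs", so it only has to be compared and marked verified once per identity key, not once per session.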

@PowerPress
Listen to maqp, man is a legend at this type of stuff.
