For the #web #developers out there.
Imagine this. The first packet a client sends to a service is already encrypted with an AEAD algorithm. With this single packet the user is able to establish a real-time bidirectional socket to the server.
During the handshake the server automatically logs the user in using their identity certificate, which holds their public key. The certificate is signed and verifiably authentic.
A username and password were never sent. Next to no login middleware is required to do the typical user authentication procedure, potentially avoiding a good amount of the usual security protocols.
Avoid spending a pretty penny on hardware designed to store hashed passwords. Avoid password-hashing logic and instead rely on the raw cryptography embedded in the protocol.
Imagine not having a client app send cookies that you use to constantly re-authenticate the user on every request to the app. Instead you have a persistent, authenticated socket connection carrying requests over time.
Checking whether a user is logged in can be as easy as a Boolean. This is exceptionally useful for systems designed so that login isn't automatic (when resources count) and you would rather defer the small login logic until after a user clicks a button.
The same goes for signup. Imagine if your service could instantly identify and sign up users, while the true identity of the user still sits behind strong cryptography.
Imagine if you could also bill users using the same info found in that first encrypted packet. A lot of power in a single UDP packet.
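As an added example (not the author's code, and not any named protocol), here is a Go sketch of the first-packet login described above. It assumes a constructed certificate layout (identity || client signing key || issuer signature), a server static X25519 key the client already knows, and SHA-256 in place of a real KDF; the client also signs its fresh ephemeral key so that a copied certificate alone cannot log someone else in.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)
type Session struct{ Authenticated bool; Identity string } // the post's login Boolean, plus who
// Constructed certificate layout (assumption): identity(16) || clientSigningPub(32) || issuerSig(64).
const idLen, certLen = 16, 16 + ed25519.PublicKeySize + ed25519.SignatureSize

// aead derives the packet key from X25519(ephemeral, serverStatic); SHA-256 stands in for a real KDF.
// The ECDH error matters on the server: a low-order point received from the network must be rejected.
func aead(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) (cipher.AEAD, error) {
	s, err := priv.ECDH(pub)
	if err != nil { return nil, err }
	k := sha256.Sum256(s); b, _ := aes.NewCipher(k[:])
	return cipher.NewGCM(b)
}

// FirstPacket (client side): ephPub || nonce || AEAD(cert || Sign(clientKey, ephPub)). Signing the
// fresh ephemeral key proves possession of the certified key, so a copied cert alone is useless.
func FirstPacket(serverPub *ecdh.PublicKey, cert []byte, clientKey ed25519.PrivateKey) ([]byte, error) {
	eph, _ := ecdh.X25519().GenerateKey(rand.Reader)
	ephPub := eph.PublicKey().Bytes()
	nonce := make([]byte, 12); rand.Read(nonce)
	g, err := aead(eph, serverPub)
	if err != nil { return nil, err }
	plain := append(append([]byte{}, cert...), ed25519.Sign(clientKey, ephPub)...)
	return g.Seal(append(append([]byte{}, ephPub...), nonce...), nonce, plain, ephPub), nil
}

// Accept (server side): decrypt, verify the issuer's signature on the cert, then the proof of possession.
func Accept(serverKey *ecdh.PrivateKey, issuerPub ed25519.PublicKey, pkt []byte) (Session, error) {
	if len(pkt) < 44 { return Session{}, errors.New("short packet") }
	ephPub, _ := ecdh.X25519().NewPublicKey(pkt[:32]) // exactly 32 bytes, so this cannot fail
	g, err := aead(serverKey, ephPub)
	if err != nil { return Session{}, err }
	plain, err := g.Open(nil, pkt[32:44], pkt[44:], pkt[:32])
	if err != nil || len(plain) != certLen+ed25519.SignatureSize { return Session{}, errors.New("undecryptable or malformed") }
	body, issuerSig, proof := plain[:idLen+32], plain[idLen+32:certLen], plain[certLen:]
	if !ed25519.Verify(issuerPub, body, issuerSig) || !ed25519.Verify(ed25519.PublicKey(body[idLen:]), pkt[:32], proof) {
		return Session{}, errors.New("certificate or proof of possession invalid") // login stays false
	}
	return Session{Authenticated: true, Identity: string(body[:idLen])}, nil
}
```

A captured packet can still be replayed byte-for-byte, so a real server additionally needs to remember recent ephemeral keys or contribute its own nonce before treating the login as fresh.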