There is a task to organize traffic encryption.
Let's say there is, a priori, a man in the middle who listens to the traffic, accumulates it, and at some point gets access to the private key of one of the parties. As a result, he can decrypt all the traffic, because the handshake also ends up in the traffic dump. In other words, SSL/TLS is not an option, if I understand correctly.
At the same time, it is possible to protect one of the parties 100% (well, we will assume this is possible), in particular the server. Are there options for organizing encryption (apparently asymmetric) that prevent decryption (well, except for brute force over several years, which is a separate issue) with access only to the client? At least for outbound traffic?
I'm only interested in the past. That is, listening to traffic when the client is already hacked, etc., doesn't matter anymore. The encryption volume is several kilobytes, say once a minute, so the encryption/decryption speed does not have to be the fastest. As an answer, the name of the method or technology is enough; I will figure out the rest myself.
Maybe move all of this into I2P altogether? True, then it takes a long time to configure on the client side.
I will attach a list of protocols that are used there, just in case:
256-bit AES in CBC mode with PKCS#5; 2048-bit ElGamal scheme; 2048-bit Diffie-Hellman algorithm; 1024-bit DSA; 256-bit HMAC (an algorithm for strengthening the cryptographic strength of other cryptographic algorithms); 256-bit SHA256 hashing.