[cryptography] Asynchronous forward secrecy encryption

Marco Pozzato mpodroid at gmail.com
Mon Sep 16 07:45:43 EDT 2013

Hi all,

I'm looking for an asynchronous messaging protocol with support for forward
secrecy: I found some ideas, some abstract papers, but nothing ready to be

OTR seems the preeminent protocol, but does not have support for
asynchronous communication.
This post https://whispersystems.org/blog/asynchronous-security/ describes
an interesting variation on OTR: the basic idea is to precalculate 100
Diffie-Hellman and consume one at every new message.

On the opposite side, for OpenPGP lovers, I found an old extension
http://tools.ietf.org/html/draft-brown-pgp-pfs-01 which adopts the same
approach, using many short-lived keys, which frequently expire (e.g. every
week) and are deleted.

They are both clever ideas to provide PFS, but what does it mean to the
average user? Let's say that today I discover an attack run on 1st of August:

   - OTR variation: I do not know which messages were wiretapped. 100
   messages could span a few hours or two months.
   - OpenPGP: I know I lost messages sent in the first week of August.

What do you think about it?
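As an added example, not part of the original post: a small Python model of which messages a key-store compromise exposes under the two schemes compared above. It assumes the recipient deletes each one-time DH private key once the message using it is decrypted and generates a fresh batch of N prekeys when a batch runs out, that the rotating scheme keeps only the current period's key, and that the message timelines are constructed sample data.

```python
# Added example (not from the original post). Models the exposure window after
# a key-store compromise under the two schemes compared in the post. Assumed:
# consumed prekey private keys are deleted immediately, a fresh batch of N is
# generated when a batch is exhausted, and the rotating scheme holds only the
# current period's key. Days count from 0 = 1 January, so 1 August is day 212.
from dataclasses import dataclass
from typing import List

@dataclass(frozen=True)
class Message:
    index: int  # position in the conversation; prekey number `index` is used
    day: int    # day on which it was sent (messages are in day order)

def exposed_prekey(messages: List[Message], n_prekeys: int, compromise_day: int) -> List[Message]:
    """Messages readable after copying the prekey store on `compromise_day`."""
    # Keys already consumed were deleted, so only the unused remainder of the
    # current batch is stolen. If the batch was just replenished, all N leak.
    used = sum(1 for m in messages if m.day < compromise_day)
    batch_end = (used // n_prekeys + 1) * n_prekeys
    return [m for m in messages if used <= m.index < batch_end]

def exposed_rotating(messages: List[Message], period_days: int, compromise_day: int) -> List[Message]:
    """Messages readable after copying the current short-lived key."""
    # The period key also covers messages sent earlier in the same period,
    # so some already-delivered traffic is exposed too.
    start = (compromise_day // period_days) * period_days
    return [m for m in messages if start <= m.day < start + period_days]

def exposure_span(exposed: List[Message]) -> int:
    """Calendar span in days covered by the exposed messages (0 if none)."""
    if not exposed:
        return 0
    return max(m.day for m in exposed) - min(m.day for m in exposed) + 1

def compare(messages: List[Message], n_prekeys: int = 100, period_days: int = 7,
            compromise_day: int = 212) -> dict:
    """Count and calendar span of exposed messages under both schemes."""
    pre = exposed_prekey(messages, n_prekeys, compromise_day)
    rot = exposed_rotating(messages, period_days, compromise_day)
    return {"prekey_messages": len(pre), "prekey_span_days": exposure_span(pre),
            "rotating_messages": len(rot), "rotating_span_days": exposure_span(rot)}

# Constructed timelines: a busy chat (ten messages a day) and a sparse one
# (one message every five days), both running for about 400 days.
BUSY = [Message(i, i // 10) for i in range(4000)]
SPARSE = [Message(i, i * 5) for i in range(80)]

if __name__ == "__main__":
    for name, msgs in (("busy", BUSY), ("sparse", SPARSE)):
        print(name, compare(msgs))
```

With prekeys the number of exposed messages is bounded by N but their calendar span follows the traffic rate (181 days for the sparse chat); with weekly keys the span is bounded by the period but includes messages sent before the compromise in that week.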
