[cryptography] Asynchronous forward secrecy encryption

Patrick Baxter patch at cs.ucsb.edu
Mon Sep 16 17:25:35 EDT 2013

Has anyone here looked at Pond?

Its by Adam Langley and while still very new and maybe in need of more
review, it seems quite promising.

On Mon, Sep 16, 2013 at 4:45 AM, Marco Pozzato <mpodroid at gmail.com> wrote:
> Hi all,
> I'm looking for an asynchronous messaging protocol with support for forward
> secrecy: I found some ideas, some abstract paper but nothing ready to be
> used.
> OTR seems the preeminent protocol, but does not have support for
> asynchronous communication.
> This post https://whispersystems.org/blog/asynchronous-security/ describes
> an interesting variation on OTR: the basic idea is to precalculate 100
> Diffie-Hellman and consume one at every new message.
> On the opposite side, for OpenPGP lovers, I found an old extension
> http://tools.ietf.org/html/draft-brown-pgp-pfs-01 which adopt the same
> approach, using many short-lived keys, which frequently expire (eg: every
> week) and are deleted.
> They are both clever ideas to provide PFS, but what does it mean to the
> average user? Let say that today I discover an attack run on 1st of August:
> OTR variation: I do not know which messages were wiretapped. 100 messages
> could spawn few hours or two months.
> OpenPGP: I know I lost messages sent in the first week of August.
> What do you think about it?
> Marco
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

More information about the cryptography mailing list