[cryptography] Asynchronous forward secrecy encryption
ben at links.org
Tue Sep 17 06:14:24 EDT 2013
On 16 September 2013 12:45, Marco Pozzato <mpodroid at gmail.com> wrote:
> Hi all,
> I'm looking for an asynchronous messaging protocol with support for
> forward secrecy: I found some ideas, some abstract papers but nothing ready
> to be used.
Long ago I did a thing called Apres, which was allegedly an anonymous
presence protocol, but includes async messaging with PFS.
> OTR seems the preeminent protocol, but does not have support for
> asynchronous communication.
> This post https://whispersystems.org/blog/asynchronous-security/ describes an interesting variation on OTR: the basic idea is to
> precalculate 100 Diffie-Hellman and consume one at every new message.
> On the opposite side, for OpenPGP lovers, I found an old extension
> http://tools.ietf.org/html/draft-brown-pgp-pfs-01 which adopts the same
> approach, using many short-lived keys, which frequently expire (e.g. every
> week) and are deleted.
> They are both clever ideas to provide PFS, but what does it mean to the
> average user? Let's say that today I discover an attack run on 1st of August:
> - OTR variation: I do not know which messages were wiretapped. 100
> messages could span a few hours or two months.
> - OpenPGP: I know I lost messages sent in the first week of August.
> What do you think about it?
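The precomputed-key idea quoted above (publish a batch of one-time Diffie-Hellman keys, consume one per message, delete it after use), as an added example that is not code from this post or from the linked blog. It shows which message keys can still be rebuilt from a copy of the receiver's key store at a given moment. Assumptions: X25519 stands in for "Diffie-Hellman", SHA-256 of the shared secret stands in for a real KDF, encryption itself is omitted, and the names `PrekeyStore`, `send`, `receive` and `recoverable_after_compromise` are hypothetical.

```python
import hashlib, secrets

P, A24, BASE = 2**255 - 19, 121665, (9).to_bytes(32, "little")

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder; illustrative only, not constant-time."""
    s = bytearray(k); s[0] &= 248; s[31] = (s[31] & 127) | 64   # clamp scalar
    n = int.from_bytes(s, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

class PrekeyStore:
    """Receiver side: a batch of one-time DH keys, each deleted after one use."""
    def __init__(self, count=100):
        self.private = {i: secrets.token_bytes(32) for i in range(count)}
        self.public = {i: x25519(k, BASE) for i, k in self.private.items()}

    def receive(self, prekey_id, sender_ephemeral_pub):
        priv = self.private.pop(prekey_id)  # deleting it is what gives forward secrecy
        return hashlib.sha256(x25519(priv, sender_ephemeral_pub)).digest()

def send(store_public, prekey_id):
    """Sender side, receiver offline: returns (ephemeral public key, message key)."""
    eph = secrets.token_bytes(32)
    shared = x25519(eph, store_public[prekey_id])
    return x25519(eph, BASE), hashlib.sha256(shared).digest()

def recoverable_after_compromise(store, prekey_id, sender_ephemeral_pub):
    """Message key an attacker could rebuild from a copy of the store taken now."""
    priv = store.private.get(prekey_id)
    if priv is None:
        return None  # prekey already consumed and deleted
    return hashlib.sha256(x25519(priv, sender_ephemeral_pub)).digest()
```

A message whose prekey has been consumed is out of reach of a later copy of the store, while a message addressed to a prekey that has not yet been consumed is not.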