[cryptography] Asynchronous forward secrecy encryption

Trevor Perrin trevp at trevp.net
Tue Sep 17 19:14:09 EDT 2013


On Tue, Sep 17, 2013 at 2:01 PM, Michael Rogers
<michael at briarproject.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Marco,
>
> This is a problem we're working on as part of the Briar project. Our
> approach is pretty simple: establish a shared secret when you first
> communicate, periodically run that secret through a one-way function
> to get a new shared secret, and destroy the old one.

Why not have separate symmetric keys for each direction of
communication (Alice -> Bob, Bob->Alice).

Then whenever a party encrypts or decrypts a message, they can update
the corresponding key right away, instead of having to wait.

(Or look at OTR's use of updating Diffie-Hellmans).


Trevor


More information about the cryptography mailing list