[cryptography] Asynchronous forward secrecy encryption
trevp at trevp.net
Tue Sep 17 19:14:09 EDT 2013
On Tue, Sep 17, 2013 at 2:01 PM, Michael Rogers
<michael at briarproject.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hi Marco,
> This is a problem we're working on as part of the Briar project. Our
> approach is pretty simple: establish a shared secret when you first
> communicate, periodically run that secret through a one-way function
> to get a new shared secret, and destroy the old one.
Why not have separate symmetric keys for each direction of
communication (Alice -> Bob, Bob -> Alice)?
Then whenever a party encrypts or decrypts a message, they can update
the corresponding key right away, instead of having to wait.
(Or look at OTR's use of updating Diffie-Hellmans).
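
The per-direction key update suggested in this reply, as an added sketch (not code from the post, Briar or OTR). HMAC-SHA256 as the one-way function, the direction labels, the class name and in-order delivery are assumptions; the initial secret is a constructed sample value.

```python
import hashlib
import hmac


def _kdf(key: bytes, label: bytes) -> bytes:
    # Assumed one-way function: HMAC-SHA256 keyed with the current secret.
    return hmac.new(key, label, hashlib.sha256).digest()


class DirectionalRatchet:
    """One party's state: an independent chain key for each direction."""

    def __init__(self, shared_secret: bytes, me: str, peer: str):
        # Both parties derive the same two chains from the initial secret;
        # the direction label keeps Alice->Bob and Bob->Alice keys distinct.
        self._send = _kdf(shared_secret, f"{me}->{peer}".encode())
        self._recv = _kdf(shared_secret, f"{peer}->{me}".encode())

    @staticmethod
    def _step(chain: bytes):
        # Message key and next chain key use different labels, so knowing
        # one does not give the other, nor any earlier chain key.
        return _kdf(chain, b"message"), _kdf(chain, b"chain")

    def next_send_key(self) -> bytes:
        # Update right after encrypting: the old chain key is replaced.
        # (Python cannot guarantee the old bytes are wiped from memory.)
        msg_key, self._send = self._step(self._send)
        return msg_key

    def next_recv_key(self) -> bytes:
        # Update right after decrypting (assumes in-order delivery).
        msg_key, self._recv = self._step(self._recv)
        return msg_key


def demo():
    secret = hashlib.sha256(b"constructed initial shared secret").digest()
    alice = DirectionalRatchet(secret, "alice", "bob")
    bob = DirectionalRatchet(secret, "bob", "alice")
    # Alice sends three messages before Bob replies; no waiting on a timer.
    sent = [alice.next_send_key() for _ in range(3)]
    received = [bob.next_recv_key() for _ in range(3)]
    reply_sent, reply_received = bob.next_send_key(), alice.next_recv_key()
    return sent, received, reply_sent, reply_received


if __name__ == "__main__":
    s, r, rs, rr = demo()
    print("in sync:", s == r and rs == rr, "| distinct:", len(set(s + [rs])) == 4)
```

The returned message keys would feed an authenticated cipher; lost or reordered messages need skipped-key handling that this sketch leaves out.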