[cryptography] Asynchronous forward secrecy encryption
trevp at trevp.net
Wed Sep 18 13:53:37 EDT 2013
On Wed, Sep 18, 2013 at 10:22 AM, Michael Rogers
<michael at briarproject.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 18/09/13 17:27, Trevor Perrin wrote:
>> Hmm, I would've thought clocks are *less* reliable than storage on
>> most devices.
> That may be true, but this isn't a choice between relying on the clock
> or relying on storage. It's a choice between relying on both, or
> relying only on the clock.
A quick glance at Briar makes it looks like it already uses local storage:
>> Certainly this has worse forward-secrecy than updating keys
>> per-message, as keys for old ciphertext are kept around for some
> Yes, updating keys per-message would be preferable if we could assume
> an ongoing two-way exchange of messages. For OTR's instant messaging
> use case that's a reasonable assumption. For Briar's use case it's not.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> -----END PGP SIGNATURE-----
More information about the cryptography