[cryptography] Asynchronous forward secrecy encryption

Michael Rogers michael at briarproject.org
Mon Sep 23 07:51:21 EDT 2013


Thanks Trevor and Adam for your comments on this - I take your point
about the importance of forward secrecy for metadata, so I'll abandon
the idea of using ephemeral-static ECDH to protect the metadata.

On 20/09/13 01:55, Trevor Perrin wrote:
> Interesting, are the codes passwords?  Short Auth Strings?

Each endpoint generates a random code (19 bits, represented as 6
decimal digits). The users exchange codes verbally, and the endpoints
use the two codes to find each other and obfuscate the key agreement.

The meaning of "find each other" depends on the communication channel;
in the case of Bluetooth, the endpoints use the codes to generate a
Bluetooth service UUID; each endpoint advertises a service with that
UUID, looks for nearby devices advertising that UUID, and makes an
unpaired RFCOMM connection to any it finds.

The key agreement starts with a hash commitment, followed by an
exchange of ephemeral ECDH public keys. Two short authentication
strings (again, six decimal digits) are derived from the shared
secret; the users exchange the authentication codes verbally to
complete the process.

> (Elligator + DH-EKE makes a nice PAKE, fwiw.)

Thanks, I'll look into it. The protocol I described above is (loosely
ZRTP-inspired) homebrew, and it would be nice to move to something
more standard.

Cheers,
Michael
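As an added illustration of the pairing flow Michael outlines above (this is not Briar's code, and not code from anyone on the thread), the following Python sketch walks through the steps in order: each endpoint draws a 19-bit code shown as six decimal digits, the two codes are folded into a rendezvous service UUID, each side commits to its ephemeral public key with a hash before revealing it, and two six-digit short authentication strings are derived from the shared secret. Everything below the post's description is my own assumption: SHA-256 for the commitment, an HMAC-based SAS derivation bound to both public keys, the label strings, and a finite-field Diffie-Hellman exchange over a Mersenne prime standing in for ECDH so the example runs with the standard library only. That group is not a secure choice; it is there to exercise the message flow, and in particular to show why the commitment matters: a key that arrives not matching the earlier commitment is rejected, so an active attacker cannot pick its key after seeing the other side's.

```python
# Added illustration: a toy model of the commit-then-reveal pairing flow
# described in the post. Not Briar's code; all constants are assumptions.
import hashlib
import hmac
import secrets
import uuid

CODE_BITS = 19                 # each endpoint's random code, shown as 6 decimal digits
SAS_DIGITS = 6                 # length of each short authentication string

# Assumption for this demo: finite-field Diffie-Hellman over the Mersenne prime
# 2**127 - 1 stands in for the ephemeral ECDH of the real protocol so the
# example needs no external library. This group is NOT a secure choice.
TOY_P = 2**127 - 1
TOY_G = 3
KEY_LEN = 16                   # every element of the group fits in 16 bytes


def generate_code() -> int:
    """Draw a 19-bit code; 2**19 = 524288, so it always fits in six digits."""
    return secrets.randbits(CODE_BITS)


def format_code(code: int) -> str:
    return f"{code:0{SAS_DIGITS}d}"


def service_uuid(code_a: int, code_b: int) -> uuid.UUID:
    """Rendezvous service UUID both endpoints derive from the two spoken codes.

    The codes are sorted so the result does not depend on which side is which.
    The label is a constructed domain-separation string, not Briar's.
    """
    lo, hi = sorted((code_a, code_b))
    material = b"demo-service-uuid" + lo.to_bytes(3, "big") + hi.to_bytes(3, "big")
    return uuid.UUID(bytes=hashlib.sha256(material).digest()[:16])


def derive_sas(shared: bytes, pub_x: bytes, pub_y: bytes) -> tuple[str, str]:
    """Two six-digit SAS values bound to the shared secret and both public keys."""
    transcript = b"".join(sorted((pub_x, pub_y)))            # canonical order
    okm = hmac.new(shared, b"demo-sas" + transcript, hashlib.sha256).digest()
    # 64 bits reduced mod 10**6: the bias is far below 2**-40, negligible here.
    first = int.from_bytes(okm[:8], "big") % 10**SAS_DIGITS
    second = int.from_bytes(okm[8:16], "big") % 10**SAS_DIGITS
    return format_code(first), format_code(second)


class Endpoint:
    """One device: a spoken code plus an ephemeral key pair for this session."""

    def __init__(self, name: str):
        self.name = name
        self.code = generate_code()
        self._priv = secrets.randbelow(TOY_P - 3) + 2            # 2 .. P-2
        self.pub_bytes = pow(TOY_G, self._priv, TOY_P).to_bytes(KEY_LEN, "big")

    def commitment(self) -> bytes:
        """Step 1: send H(pub) before revealing pub."""
        return hashlib.sha256(self.pub_bytes).digest()

    def complete(self, peer_commitment: bytes, peer_pub_bytes: bytes) -> tuple[str, str]:
        """Steps 2-3: check the revealed key against the commitment, then derive SAS."""
        if not hmac.compare_digest(hashlib.sha256(peer_pub_bytes).digest(), peer_commitment):
            raise ValueError("peer public key does not match its commitment; abort")
        peer_pub = int.from_bytes(peer_pub_bytes, "big")
        if not 1 < peer_pub < TOY_P - 1:                         # reject degenerate elements
            raise ValueError("peer public key outside the valid range; abort")
        shared = pow(peer_pub, self._priv, TOY_P).to_bytes(KEY_LEN, "big")
        return derive_sas(shared, self.pub_bytes, peer_pub_bytes)


def run_pairing(a: Endpoint, b: Endpoint) -> tuple[uuid.UUID, tuple[str, str], tuple[str, str]]:
    """Honest run: returns the rendezvous UUID and each side's SAS pair."""
    service = service_uuid(a.code, b.code)
    commit_a, commit_b = a.commitment(), b.commitment()          # commitments cross first
    sas_a = a.complete(commit_b, b.pub_bytes)                    # then the public keys
    sas_b = b.complete(commit_a, a.pub_bytes)
    return service, sas_a, sas_b


def substitution_is_rejected(victim: Endpoint, honest: Endpoint, other: Endpoint) -> bool:
    """True if `victim` aborts when `other`'s key arrives under `honest`'s commitment."""
    try:
        victim.complete(honest.commitment(), other.pub_bytes)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    alice, bob = Endpoint("alice"), Endpoint("bob")
    service, sas_a, sas_b = run_pairing(alice, bob)
    print("codes:", format_code(alice.code), format_code(bob.code))
    print("service UUID:", service)
    print("alice reads", sas_a, "bob reads", sas_b, "match:", sas_a == sas_b)
```

Run it directly to see the two spoken codes, the derived UUID and both SAS pairs agree; `substitution_is_rejected` shows the abort path when a key arriving in step 2 does not hash to the commitment received in step 1. Swapping the toy group for a real ECDH implementation changes only `Endpoint.__init__` and the shared-secret line in `complete`.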
