Hi all, I'm looking for an asynchronous messaging protocol with support for forward secrecy: I found some ideas and some abstract papers, but nothing ready to be used.

OTR seems the preeminent protocol, but does not have support for asynchronous communication. This post https://whispersystems.org/blog/asynchronous-security/ describes an interesting variation on OTR: the basic idea is to precalculate 100 Diffie-Hellman and consume one at every new message. On the opposite side, for OpenPGP lovers, I found an old extension http://tools.ietf.org/html/draft-brown-pgp-pfs-01 which adopts the same approach, using many short-lived keys, which frequently expire (eg: every week) and are deleted.

They are both clever ideas to provide PFS, but what does it mean to the average user? Let's say that today I discover an attack run on the 1st of August:

- OTR variation: I do not know which messages were wiretapped. 100 messages could span a few hours or two months.
- OpenPGP: I know I lost messages sent in the first week of August.

What do you think about it?

Marco
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
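The exposure question Marco raises can be made concrete with a small model of the two schemes. The following is an added example, not code from the post, from Open Whisper Systems or from the draft-brown-pgp-pfs authors: it simplifies the two designs to their key-lifetime rule (a batch of one-time keys that are deleted as each message consumes one, versus one key per fixed calendar window), assumes a device compromise happens at the start of a given day before that day's traffic, assumes batch keys are generated on the day the first message of the batch is sent, and uses constructed message dates. It then reports, for each scheme, how many messages a compromise on a given day exposes and which calendar span they cover.

```python
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Message:
    seq: int    # position in the conversation, 0-based
    sent: date  # calendar day the message was sent


def prekey_batch_exposure(messages, compromise_day, batch_size=100):
    """Prekey-batch scheme (the OTR variation from the post, simplified).

    Modelling assumption: keys are generated batch_size at a time, on the
    day the first message of the batch is sent; each message consumes one
    key, which is deleted right after use.  A compromise at the start of
    compromise_day steals every key generated on an earlier day that is
    still unconsumed, so every later message of that batch is readable.
    Earlier messages are safe because their keys are already gone.
    """
    batches = {}
    for m in messages:
        batches.setdefault(m.seq // batch_size, []).append(m)
    exposed = []
    for batch in batches.values():
        generated_on = min(m.sent for m in batch)
        if generated_on < compromise_day:
            exposed.extend(m for m in batch if m.sent >= compromise_day)
    return sorted(exposed, key=lambda m: m.seq)


def weekly_key_exposure(messages, compromise_day, first_key_day, lifetime_days=7):
    """Short-lived-key scheme (draft-brown-pgp-pfs style, simplified).

    Modelling assumption: a fresh key is generated every lifetime_days
    starting on first_key_day and the previous one is deleted.  A
    compromise on compromise_day steals the key valid that day, so every
    message of that validity window is readable, including messages sent
    earlier in the window (they were all encrypted to the same key).
    """
    if compromise_day < first_key_day:
        return []
    idx = (compromise_day - first_key_day).days // lifetime_days
    start = first_key_day + timedelta(days=idx * lifetime_days)
    end = start + timedelta(days=lifetime_days)  # exclusive
    return [m for m in messages if start <= m.sent < end]


def span(exposed):
    """(count, first day, last day) of an exposed set, days as ISO strings."""
    if not exposed:
        return (0, None, None)
    days = [m.sent for m in exposed]
    return (len(exposed), min(days).isoformat(), max(days).isoformat())


def sample_conversation():
    """Constructed traffic: a burst of 60 messages on 2013-07-30, then one
    message per day from 2013-08-01 for 50 days (seq 60..109).  The burst
    is what makes '100 keys' cover a very different calendar span from
    'one week'."""
    msgs = [Message(i, date(2013, 7, 30)) for i in range(60)]
    msgs += [Message(60 + i, date(2013, 8, 1) + timedelta(days=i)) for i in range(50)]
    return msgs


def compare(compromise_iso, first_key_iso="2013-07-25"):
    """Exposure under both schemes for a compromise on the given day."""
    msgs = sample_conversation()
    day = date.fromisoformat(compromise_iso)
    return {
        "prekey_batch": span(prekey_batch_exposure(msgs, day)),
        "weekly_key": span(weekly_key_exposure(msgs, day, date.fromisoformat(first_key_iso))),
    }


if __name__ == "__main__":
    for day in ("2013-07-30", "2013-08-01", "2013-08-04"):
        print(day, compare(day))
```

With the constructed traffic, a compromise on 2013-08-01 exposes the 40 remaining keys of the first batch, i.e. messages from 2013-08-01 through 2013-09-09, under the prekey model, but only the seven messages of the 2013-08-01 to 2013-08-07 window under the weekly-key model. The weekly model cuts the other way too: a compromise on 2013-07-30 exposes nothing under the prekey model (the batch was generated that day, after the modelled compromise), while the weekly key covers the whole 60-message burst, and a compromise on 2013-08-04 still exposes the messages sent on 2013-08-01 to 2013-08-03 because they share the week's key.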