On Mon, Dec 15, 2014 at 1:03 PM, Sunny Marueli <[email protected]> wrote: > > I was thinking about something like this: > > if ratchet_flag: > DHRs = generateECDH() > RK = HASH( DH(A, DHRr) || DH(DHRs, B) || DH(DHRs, DHRr) ) > ratchet_flag = False
The long-term keys have already been used to agree on the root key. Why perform frequent extra DHs to re-authenticate them, instead of just using the root key? Trevor _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
