Re-encryption by clients is essential. Anything else does not preserve any of
the useful security properties of PFS.
In particular, if the sender and recipient store the same thing, it is later
possible for an attacker to discover -- purely from the encrypted messages --
whether users have exchanged messages.
Symmetric keys are short: it's feasible to use per-message keys in most
situations. (And this it the simplest to implement thing.) - dlg
On Sunday, January 18, 2015 3:51 PM, "[email protected]" <[email protected]>
wrote:
Re-encrypt and upload all messages? Seems to be weird for mobile world. And i
don't understand how re-encrypting help to preserve PFS, we still has only one
single long-term key for everything and it must be enough to decrypt messages.
15.01.2015, 12:06, "Natanael" <[email protected]>:
Den 15 jan 2015 03:47 skrev <[email protected]>:
>
> Hi everyone,
>
> Are there some best practices for keeping all encrypted message history
> securely on server or on client for accessing them later with single
> hardware or software key like ubikey?To preserve PFS, let the client
> re-encrypt and upload. The client cloud sign or MAC the ciphertext to
> prevent modification.
-- Steve K,CEO Actor.im
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
