[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unreliable Delivery, Ratcheting, and Secret Reuse?

From: Christian Grothoff
Subject: Re: Unreliable Delivery, Ratcheting, and Secret Reuse?
Date: Fri, 10 Jul 2020 08:44:12 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0

Hi Cy,

Please read up on the Axolotl/Signal protocol. It explains nicely how to
forget about secrets in the case of unreliable, out-of-order delivery.
This is also what CADET implements.

Happy hacking!


On 7/10/20 6:03 AM, Cy wrote:
> If I have a shared secret ratchet going on, and I send something encrypted 
> with secret 1,
> I can't get rid of secret 1, can I? I need to wait until the peer sends me 
> something
> encrypted with secret 2, before I know we've both gone past secret 1. But 
> waiting
> is dumb. If I want to send multiple messages in a row, can't I continue using 
> secret 1?
> Usually I'll just wait for a reply, but just if there are like, updates or 
> typoes, or
> something. 
> I can't think of a scenario where I'd send a message, and then send another
> one, and the first would be more incriminating than the second. Worst comes 
> to worst I
> could have a special "Abort" message that says I threw away all secrets 
> because I sent a
> message I regret. But if the Abort message itself is lost and never 
> delivered...
> Sorry this is really confusing me. Because if I send S1(M1) then discard S1 
> for S2, with
> unreliable delivery, S1(M1) might never reach you, so when you wanted to send 
> me a
> message you'd use S1 too, and I wouldn't be able to decrypt it anymore. But 
> if I hold
> onto S1, and only discard it when you use S2 or S3, then we won't have to 
> re-establish
> the conversation, in a way that seems much easier to monitor than the reuse 
> of a shared
> secret.

Attachment: 0x939E6BE1E29FC3CC.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]