[guardian-dev] Messaging Moving Forward

Michael Rogers michael at briarproject.org
Mon May 20 10:12:01 EDT 2013



On 20/05/13 12:18, Timur wrote:
> If someone, situated "close to the chat infrastructure" and able
> to wiretap all conversations would (say, years later) get access to
> a shared secret - they would be able to refit the pseudo-random
> sequence and find out that in all cases A was A and B was B. At
> least in theory.

True - the way we handle this in Briar is to delete the shared secret
as soon as the first temporary secret has been derived, and delete
each temporary secret as soon as it expires. If the shared secret is
strong (e.g. the output of a DH key agreement), the adversary should
have a negligible chance of guessing it once both parties have deleted it.

Cheers,
Michael

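
The delete-on-derive and delete-on-expiry handling described in the message above, as an added example that is not part of the original post and is not Briar's code. It assumes HMAC-SHA256 as the one-way derivation, that each temporary secret is derived from the previous one, and hypothetical names and labels (RotatingSecret, "ROTATE", "TAG").

```python
import hashlib
import hmac


def derive(secret: bytes, label: bytes) -> bytes:
    """One-way derivation step (assumed here: HMAC-SHA256 keyed with the secret)."""
    return hmac.new(bytes(secret), label, hashlib.sha256).digest()


def wipe(buf: bytearray) -> None:
    """Best-effort overwrite; the Python runtime may still hold other copies."""
    for i in range(len(buf)):
        buf[i] = 0


class RotatingSecret:
    """Holds only the temporary secret for the current period (hypothetical class)."""

    def __init__(self, shared_secret: bytearray):
        self.period = 0
        self.current = bytearray(derive(shared_secret, b"ROTATE"))
        wipe(shared_secret)  # deleted as soon as the first temporary secret exists

    def rotate(self) -> None:
        """Called when the current temporary secret expires."""
        nxt = bytearray(derive(self.current, b"ROTATE"))
        wipe(self.current)  # the expired secret is deleted, not archived
        self.current = nxt
        self.period += 1

    def tag(self, counter: int) -> str:
        """Pseudo-random identifier for one message in the current period."""
        return derive(self.current, b"TAG" + counter.to_bytes(4, "big")).hex()[:16]


def demo():
    # Constructed stand-in for the output of a DH key agreement.
    dh_output = hashlib.sha256(b"constructed sample DH output").digest()
    a_secret, b_secret = bytearray(dh_output), bytearray(dh_output)
    alice, bob = RotatingSecret(a_secret), RotatingSecret(b_secret)
    old_tag = alice.tag(0)  # what a wiretapper recorded during period 0
    alice.rotate()
    bob.rotate()
    in_sync = alice.tag(0) == bob.tag(0)  # both ends still agree after rotating
    # A later compromise yields only alice.current; recomputing old_tag would
    # need the wiped period-0 secret, i.e. inverting HMAC-SHA256.
    relinkable = old_tag in {alice.tag(i) for i in range(100)}
    return in_sync, relinkable, a_secret == bytearray(32)
```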

