[guardian-dev] Messaging Moving Forward

Michael Rogers michael at briarproject.org
Wed May 22 09:35:42 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 22/05/13 13:36, Timur Mehrvarz wrote:
> On 05/20/2013 04:12 PM, Michael Rogers wrote:
>> True - the way we handle this in Briar is to delete the shared
>> secret as soon as the first temporary secret has been derived,
>> and delete each temporary secret as soon as it expires. If the
>> shared secret is strong (eg the output of a DH key agreement),
>> the adversary should have a negligible chance of guessing it once
>> both parties have deleted it.
> 
> The party you are communicating with could leak the initial
> shared secret. Or keep it safe and at some point deliberately use
> it against you. There would be no such problem if truly random
> IDs were used. But I could be mistaken.

Sorry, I think you're mistaken. No matter how the IDs are generated or
distributed, both parties need to possess them, so either party can
keep a copy and reveal it later.

Cheers,
Michael

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

-----END PGP SIGNATURE-----
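
The following sketch is an added example, not part of the original e-mail and not Briar's code. It models the rotation scheme described in the quoted text and the point made in the reply: deletion protects past secrets only if both parties delete. The HMAC-SHA256 derivation, the label format and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def next_secret(current: bytes, period: int) -> bytes:
    """One-way step: derive the temporary secret for `period` from its predecessor."""
    label = b"ROTATE" + period.to_bytes(8, "big")  # constructed label, an assumption
    return hmac.new(current, label, hashlib.sha256).digest()


class Party:
    """Keeps only the current temporary secret (models deletion on expiry).

    Python cannot guarantee memory is wiped; this shows the key schedule only.
    """

    def __init__(self, shared_secret: bytes):
        self.period = 1
        self.secret = next_secret(shared_secret, 1)  # shared secret is not stored

    def rotate(self) -> None:
        self.period += 1
        self.secret = next_secret(self.secret, self.period)  # old value dropped


def secret_for(initial: bytes, period: int) -> bytes:
    """What a holder of a retained copy of the initial secret can recompute."""
    s = initial
    for p in range(1, period + 1):
        s = next_secret(s, p)
    return s


def demo() -> dict:
    shared = secrets.token_bytes(32)  # constructed stand-in for a DH output
    retained = bytes(shared)          # a peer who keeps a copy instead of deleting
    alice, bob = Party(shared), Party(shared)
    history = [alice.secret]
    for _ in range(3):
        alice.rotate()
        bob.rotate()
        history.append(alice.secret)
    return {
        "in_sync": alice.secret == bob.secret,
        "distinct_periods": len(set(history)) == len(history),
        # The retained copy yields every period's secret, past and future.
        "retained_copy_recovers_all":
            [secret_for(retained, p) for p in range(1, 5)] == history,
    }


if __name__ == "__main__":
    print(demo())
```

Someone who compromises a device after rotation obtains only the current secret and would have to invert HMAC to reach earlier periods; a peer who never deleted the initial value faces no such barrier.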

