Perfect Forward Secrecy #454

Open
opened 2013-08-27 14:19:20 +02:00 by drkiko · 0 comments
drkiko commented 2013-08-27 14:19:20 +02:00 (Migrated from github.com)

Abstract

This document describes a method of key exchange and use to achieve Perfect Forward Secrecy. A means of encryption to ensure that, should a single message be decrypted, all other parts of the conversation remain secure.

This specification consists mainly of two parts. The first part describes the method of key exchange and generation of subsequent keys. The second part describes a usage pattern to insure no messages are lost and authenticated to come from the expected source.

Lastly, a simple method for plausible deniability is given.

This proposal does not try to solve node profiling attacks (ISP level monitoring of nodes).

Motivation

The Bitmessage protocol uses a fixed set of keys per address to encrypt and sign messages. Should one message be compromised, the other messages sent to the same address are at risk as well.

Perfect Forward Secrecy uses a new set of keys to encrypt and sign each message.
More info https://bitmessage.org/forum/index.php/topic,2981.0.html
https://github.com/sipa/secp256k1
Python library http://docs.python.org/3/library/ssl.html
Interesting article .
http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html

Abstract This document describes a method of key exchange and use to achieve Perfect Forward Secrecy. A means of encryption to ensure that, should a single message be decrypted, all other parts of the conversation remain secure. This specification consists mainly of two parts. The first part describes the method of key exchange and generation of subsequent keys. The second part describes a usage pattern to insure no messages are lost and authenticated to come from the expected source. Lastly, a simple method for plausible deniability is given. This proposal does not try to solve node profiling attacks (ISP level monitoring of nodes). Motivation The Bitmessage protocol uses a fixed set of keys per address to encrypt and sign messages. Should one message be compromised, the other messages sent to the same address are at risk as well. Perfect Forward Secrecy uses a new set of keys to encrypt and sign each message. More info https://bitmessage.org/forum/index.php/topic,2981.0.html https://github.com/sipa/secp256k1 Python library http://docs.python.org/3/library/ssl.html Interesting article . http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html
This repo is archived. You cannot comment on issues.
No Milestone
No project
No Assignees
1 Participants
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Bitmessage/PyBitmessage-2024-12-19#454
No description provided.