[OTR-dev] Persisting userstate object across app restarts.

Devrandom c1.otr-dev at niftybox.net
Fri Aug 15 13:36:46 EDT 2014

[resend from the right email address]

There's an idea I came up with a while ago that might be relevant -
Forgetfulness Servers.

A Forgetfulness Server remembers small key/value pairs in RAM and wipes
on request / after a timeout.  Call this "forgettable data".

In order to fulfill the PFS goals, the OTR session state could be
encrypted with a forgettable random password and then saved to disk.
The password would be wiped when the app comes back from sleep.

You could use multiple Forgetfulness Servers to reduce the chance of
collusion between the server operator and an attacker.

On Mon, 2014-08-11 at 20:19 -0400, Ian Goldberg wrote:
> On Mon, Aug 11, 2014 at 08:12:52PM -0400, Greg Troxel wrote:
> > 
> > Madhav V <madhav at avaamo.com> writes:
> > 
> > > 3. Alice goes into the app. Bob and Alice apps establish a secure session.
> > > The app persist the session on Alice' device.
> > > The session is persisted on Bob's device as well.
> > >
> > > 4. Now Bob can send Alice messages even when her phone is switched off or
> > > off the network or the app is in the background.
> > >
> > > 5. Alice's app can restore the session on restart or whenever necessary to
> > > decrypt Bob's message.
> > 
> > I can see why you want to do this, but it more or less breaks the
> > Perfect Forward Secrecy property to write the encryption keys to other
> > than RAM.   So I would be concerned about this being labeled as OTR.
> I agree with Greg.  You're planning to store *session keys* in
> persistent state?  Please don't do that.
>    - Ian
> _______________________________________________
> OTR-dev mailing list
> OTR-dev at lists.cypherpunks.ca
> http://lists.cypherpunks.ca/mailman/listinfo/otr-dev

More information about the OTR-dev mailing list