[OTR-dev] OMEMO, PFS
Greg Troxel
gdt at ir.bbn.com
Tue Nov 10 16:15:58 EST 2015
I am curious if anyone from OTR-land has comments about the pros and
cons of OMEMO vs OTR.
http://conversations.im/omemo/
In using smssecure as well as OTR, I notice an interesting property
which is more about the implementation than the protocol, which is that
keymat is stored persistently. So after having an smssecure session
with Alice (not her real name :-) in early June, and no texts since, I
was able to send one just now, and have both of our devices still have
the keymat and have it work. Of course that means it has persisted in
flash across reboots.
So it seems obvious that PFS is not a binary property; presumanbly the
keys are overwritten (seems hard with flash wear leveling) when new
messages happen, but there is a perhaps-months "short term key", vs a
maybe-years "long term key", and PFS or not becomes blurry.
Keeping the keys definitely helps usability, but part of that is how OTR
(in adium) doesn't necessarily recover from a half-closed session
seamlessly.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20151110/c4d3497c/attachment.sig>
More information about the OTR-dev
mailing list