[OTR-dev] OMEMO, PFS
Greg Troxel
gdt at ir.bbn.com
Tue Nov 10 17:10:21 EST 2015
Taylor R Campbell <campbell+otr at mumble.net> writes:
> Date: Tue, 10 Nov 2015 16:15:58 -0500
> From: Greg Troxel <gdt at ir.bbn.com>
>
> So it seems obvious that PFS is not a binary property; presumanbly the
> keys are overwritten (seems hard with flash wear leveling) when new
> messages happen, but there is a perhaps-months "short term key", vs a
> maybe-years "long term key", and PFS or not becomes blurry.
>
> PFS is indeed not a binary property. Aside from confusion arising
> from the loaded word `perfect' in `perfect forward secrecy', some
> people argue against using the term at all in favour of `key erasure',
> and of stating when the relevant keys are erased.
A fair point.
I would argue, though, that most people would consider that "PFS" is
only achieved when the keys that need to be erased are never written to
permanent storage. So I'd add "where stored" to "when erased".
I personally, am not confident that I can erase flash.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20151110/032395ef/attachment.sig>
More information about the OTR-dev
mailing list