[OTR-dev] OMEMO, PFS

Ruben Pollan meskio at sindominio.net
Fri Nov 13 13:10:34 EST 2015


Quoting Greg Troxel (2015-11-13 17:43:06)
> Nathan of Guardian <nathan at guardianproject.info> writes:
> > Are you sure it was persisting key material? I think the idea with OMEMO
> > is to support the Axolotl/TextSecure pre-key technique using XMPP
> > infrastructure. This means, you can create a valid session key without
> > the other party needing to be online.
> 
> I guess I need to go reread the protocol.  I don't understand how
> creating a session key that is used to send a message to a
> perhaps-offline party can work unless the other party is persisting the
> key needed to decrypt.

The basic idea is that you generate a bunch of pre-keys (your part of the
Diffie-Hellman protocol) and store them on a server. When someone wants to
communicate with you and you are not online, she fetches an unused pre-key from
the server and writes you a message with it and her part of the shared key:
https://whispersystems.org/blog/asynchronous-security/


-- 
Ruben Pollan  | http://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 My contact info: http://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
We are going to Croatan.
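
Added example (not part of the original message, and not code from OMEMO, TextSecure or any project named in the thread): a sketch of the pre-key exchange described in the reply above, reduced to a single Diffie-Hellman between a one-time pre-key and the sender's fresh key. The names Server, Recipient, send_offline and kdf are hypothetical, the SHA-256 kdf is a stand-in for a real KDF, and the pure-Python X25519 is not constant-time.

```python
import hashlib, os

P, A24, BASE = 2**255 - 19, 121665, (9).to_bytes(32, "little")

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder. Not constant-time: illustration only."""
    s = bytearray(k); s[0] &= 248; s[31] = (s[31] & 127) | 64
    k, x1 = int.from_bytes(s, "little"), int.from_bytes(u, "little") % 2**255
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit: x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap: x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def kdf(shared: bytes) -> bytes:
    return hashlib.sha256(b"prekey-demo" + shared).digest()  # stand-in KDF (assumption)

class Server:
    """Holds only public pre-keys and hands each one out once."""
    def __init__(self): self.prekeys = {}
    def upload(self, user, pubs): self.prekeys.setdefault(user, {}).update(pubs)
    def fetch(self, user): return self.prekeys[user].popitem()  # (id, pub), removed

class Recipient:
    def __init__(self, name, server, n=3):
        # The private halves are persisted locally until a message uses them.
        self.privs = {i: os.urandom(32) for i in range(n)}
        server.upload(name, {i: x25519(k, BASE) for i, k in self.privs.items()})
    def receive(self, prekey_id, sender_pub):
        priv = self.privs.pop(prekey_id)  # one-time: deleted on first use
        return kdf(x25519(priv, sender_pub))

def send_offline(server, to):
    """Sender side: needs only the server, not the recipient, to be online."""
    prekey_id, prekey_pub = server.fetch(to)
    eph = os.urandom(32)  # sender's part of the shared key
    return (prekey_id, x25519(eph, BASE)), kdf(x25519(eph, prekey_pub))
```

The recipient does keep the pre-key private halves on disk, but each one is deleted as soon as the message that used it is processed, so a later compromise cannot re-derive that session key from stored pre-keys.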