[messaging] [Remops] New Zax-style nymserver with forward secrecy
tom at ritter.vg
Thu Aug 14 05:12:46 PDT 2014
(Cross-Posting to messaging, context below)
I guess I missed this in May, but this is cool, thanks a lot for
working on it! I have the following, somewhat high-level thoughts:
- Axolotl will not fully ratchet for months in many use cases, merely
derive new Message Keys from the Chain Key. This is because it's not
common for you to send configuration messages to the nymserv once it's
up and running well. I don't think Axolotl was designed to be
primarily a one-way communication method, but I don't think it's
insecure in that situation either.
- Unless one was doing something very unusual and scary this
doesn't change the story from other methods - but this does now
require someone to maintain linkable state with their nym. They can't
carry that information around memorized.
- How does it handle out of order or missing messages? Does it derive
message keys and cache them until it can decrypt? Does it store those
- A GUI with no pictures? :(
 like https://ritter.vg/blog-non_persistent_pgp.html
On 13 August 2014 10:54, Jeremy Bentham Admin
<jeremyadmin at anemone.mooo.com> wrote:
> I wanted to let people know that we have developed a nice GUI client
> script for using the enhanced Zax-style nymserver at nym.now.im.
> The 'enhanced' nymserver uses ephemeral encryption on all
> non-configuration messages sent to and received from the nymserver.
> The new GUI client is written in python and supports nym
> creation/deletion/reconfiguration as well as receiving messages
> addressed to the nym via a.a.m and sending messages from the nym.
> Source code and installation instructions for the GUI client are at:
> Source code for the enhanced nymserver is cloned from Zax's original
> nymserver code (thanks Zax!) and is at:
> Finally, details on how the ephemeral encryption works, as well as
> the nymserver's public key and some other information are at:
> As always, feedback is appreciated. For a bit more time, I am running
> the nymserver logs in full debug mode so consider the operation
> experimental and don't use it for anything sensitive at this point. I
> will make a further announcement in a few weeks when I shut down the
> logging and move the nymserver into production mode.
> A couple of other notes: 1) The nymserver should also function as a
> standard Zax-style nymserver, with or without symmetric encryption. 2)
> It is not recommended to use both ephemeral and symmetric encryption
> simultaneously. 3) More details on ephemeral encryption (why it is
> important, as well some details about the Axolotl protocol used with
> nym.now.im) can be found at https://github.com/rxcomm/pyaxo
> On Thu, May 01, 2014 at 04:46:39PM +0200, Jeremy Bentham Admin wrote:
>> I've been having some fun playing with Zax's nymserver script.
>> I added the use of ephemeral symmetric encryption keys for forward
>> secrecy on posts to a.a.m as well as mail sent to the nymserver's
>> send address. Ephemeral keys are managed using the Axolotl protocol.
>> Before I turn this loose, I'd appreciate some feedback on how
>> things work. Details for using the nymserver, including the public
>> key and a script to handle client-side ephemeral encryption can be
>> found at:
>> Right now you should consider this nymserver in beta mode. I'm running
>> full debug output on the logs. Don't use it for anything sensitive.
>> I'll post my code after I get some feedback and make sure things are
>> working okay. Making the changes was pretty straightforward, thanks
>> to Zax's neat coding style.
>> Let me know what you think.
>> Jeremy Bentham Remailer Admin
>> Key fingerprint = D7DE B0DF E6F9 9256 A070 B841 1942 840B 8743 B6B5
> Jeremy Bentham Remailer Admin
> Key fingerprint = D7DE B0DF E6F9 9256 A070 B841 1942 840B 8743 B6B5
> Remops mailing list
> Remops at lists.mixmin.net
More information about the Messaging