[messaging] Introduction secrets and "unlinkable rendezvous" protocols

Robert Ransom rransom.8774 at gmail.com
Tue Feb 11 18:58:15 PST 2014


On 2/11/14, Sven Moritz Hallberg <sm at khjk.org> wrote:

> Assume Alice and Bob have exchanged keys through an insecure channel and
> need to verify their fingerprints.
>
> Alice picks two random words from the list and writes them on the back
> of a business card. She hands the card to Bob at their next meeting.

Or even better: Alice prints her public
signature-verification/identification key on the front of the business
card, and Bob checks that it matches the key he's been using.

The point of using an ‘introduction secret’ is that it can provide
authentication after the first meeting, with no prior preparation
(e.g. printing and bringing proper business cards) required.


Robert Ransom


More information about the Messaging mailing list