[messaging] Multiple devices and key synchronization: some thoughts

carlo von lynX lynX at i.know.you.are.psyced.org
Sun Jan 4 05:12:09 PST 2015

> On Friday, January 2, 2015 10:55 AM, carlo von lynX <lynX at i.know.you.are.psyced.org> wrote:
> > As I described before in our current plan the long-lived key is not
> > supposed to be in memory anywhere. You use it to generate each device's
> > keys, you print it out on a sheet of paper, then wipe computer memory.

On Sat, Jan 03, 2015 at 04:23:48PM -0800, David Gil wrote:
> This is a terrible cost to usability. Though it provides substantial
> crypto-world benefits to security, it's unclear that it provides any
> real-world benefits. (It encourages people to not rotate keys...)

I don't see how the PGP concept of "key rotation" is relevant if all
communications work over forward secure ratchets anyhow. Why would I
need to rotate the device-identifying subkey? Am I missing something here?

Things that I would argue are terrible for usability are:
- expecting people to figure out the meaning of fingerprints
- expecting people to come up with passphrases and shared secrets
- expecting people to check a shared secret when they are
  already successfully having a conversation, be it via chat or A/V

Whereas I highly doubt it is a big deal for usability to ask the user
to either insert a "safe" USB key or send a sheet of paper to the
printer. That's all they need to do in the first round, everything
else happens later when they have a strong motivation to recover their
digital identity, so there's no problem in that situation either.

So from my perspective your usability worries might be totally unfounded.
The gains outweigh the minimal effort of plugging in a printer by far.

