[messaging] Identity keys and fingerprints

David Leon Gil coruus at gmail.com
Mon Jan 5 22:03:05 PST 2015

On Mon, Jan 5, 2015 at 4:18 PM, Trevor Perrin <trevp at trevp.net> wrote:
> The most practical approaches are probably either synchronizing the
> identity key between devices, or using it to sign device keys.  Either
> way, adding a new device might increase communication in (f), since
> Alice might have to retrieve additional device-specific prekeys,
> and/or signed device keys.

There is no need for an "identity key" to sign anything except an
initial device key. Just chase cross-signatures back to a
distinguished (by some flag) identity key that is stored offline, and
use a hash of that as the fingerprint:

xsign(device0t0, identity)
xsign(device0t0, device1t0)
xsign(device0t1, device2t0)

chase_fingerprint(device2) == hash(identity)

(Many thank to Yan for suggesting this approach to stable
fingerprints, though I don't know that she endorses it.)

This neatly avoids exposing any long-term keys to additional risk of compromise.

More information about the Messaging mailing list