[messaging] Message persistence

David Gil dgil at yahoo-inc.com
Sun Jan 18 16:55:18 PST 2015

Re-encryption by clients is essential. Anything else does not preserve any of the useful security properties of PFS.
In particular, if the sender and recipient store the same thing, it is later possible for an attacker to discover -- purely from the encrypted messages -- whether users have exchanged messages.
Symmetric keys are short: it's feasible to use per-message keys in most situations. (And this it the simplest to implement thing.) - dlg

     On Sunday, January 18, 2015 3:51 PM, "steve at actor.im" <steve at actor.im> wrote:

 Re-encrypt and upload all messages? Seems to be weird for mobile world. And i don't understand how re-encrypting help to preserve PFS, we still has only one single long-term key for everything and it must be enough to decrypt messages. 15.01.2015, 12:06, "Natanael" <natanael.l at gmail.com>:

 Den 15 jan 2015 03:47 skrev <steve at actor.im>:
 > Hi everyone,
 > Are there some best practices for keeping all encrypted message history securely on server or on client for accessing them later with single hardware or software key like ubikey?To preserve PFS, let the client re-encrypt and upload. The client cloud sign or MAC the ciphertext to prevent modification.
  -- Steve K,CEO Actor.im 
Messaging mailing list
Messaging at moderncrypto.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150119/b588681c/attachment.html>

More information about the Messaging mailing list