[messaging] Deniable authenticated group messaging

Michael Rogers michael at briarproject.org
Sat Apr 25 10:46:42 PDT 2015

On 25/04/15 16:52, Natanael wrote:
> Den 25 apr 2015 11:56 skrev "Michael Rogers" <michael at briarproject.org
> <mailto:michael at briarproject.org>>:
>> OK, I think I may have a solution. Sign a long-term public DH key and
>> use triple DH for key agreement.
> Sounds exactly like what axolotl does, which I've described (maybe not
> very clearly, but anyway...) in previous emails.

I could be wrong, but I don't think axolotl signs the long-term DH key
or uses signatures at all. But the problem I'm trying to solve is
bootstrapping from a signature key (which already exists for other
purposes) to deniable authentication.

However, I agree that if the solution I've described works, it's very
much like axolotl with the addition of a signature over the long-term
public DH key.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150425/3c4062a0/attachment.sig>

More information about the Messaging mailing list