[messaging] Axolotl for email

Jeff Burdges burdges at gnunet.org
Fri Jun 10 13:48:56 PDT 2016

On Fri, 2016-06-10 at 07:13 -0700, Wei Chuang wrote:
> >That said, your Axolotl header encryption could be a wide block
> > cypher that encrypted the body too.  
> I'm not familiar with Axolotl header encryption.  Do you mean to use
> Axolotl to help protect the header metadata?  

No.  It provides traffic whitening and keeps the ratchet itself from
leaking metadata about replies.  But compared with catastrophe of SMTP
itself, the metadata leaked by Axolotl, GPG, etc. seem irrelevant. 

It uses the previous root key to create a key for encrypting the header
that is known by both sides.  In effect, it extracts a kind of 3-step
ratchet from the axolotl 2-step ratchet.  Pond's ratchet does this for


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20160610/0207365f/attachment.sig>

More information about the Messaging mailing list