[messaging] Double Ratchet spec

Moxie Marlinspike moxie at thoughtcrime.org
Tue Nov 29 19:22:56 PST 2016


If there are any lingering IP questions around these documents:

1) Open Whisper Systems has not filed for any patents.

2) All Open Whisper Systems code is available under an open source license.

3) All of our specifications are placed in the public domain.

4) Open Whisper Systems welcomes third-party use of the terminology
we've used in these documents.

Regarding the documents we published and the full Signal Protocol:

As we previously stated, Signal Protocol includes multiparty,
multidevice, media, and authentication features built on top of the
elements we've recently documented.  Signal Protocol is also a moving
target; we're continuing to make enhancements for new use cases and new
security features, and will continue doing so for the foreseeable
future.  Once we've gotten more experience managing the documents we've
published thus far, we'll consider how to document these higher-level
elements and new features.

We've made an effort to release standalone documents in order to make
these concepts easier to reuse by different projects with different
environments and constraints, and to avoid confusion between projects
using Signal-like mechanisms and the full Signal Protocol.

Regarding use of the names "Signal" and "Signal Protocol":

These documents provide the flexibility projects with different
constraints might need to implement something that works for them, so
there is a fair amount of leeway in terms of how they're used as well as
how they're combined and built upon.  As a result, our preference is
that when people use what we've documented to construct their own
protocols, such creations use an independent name.

For example, the SlickSecure Mesenger might use a protocol called
"Slick," and describe it as "Slick uses X3DH[ref] with such and such
encoding and such and such key types in such and such way. The output is
used to construct a Double Ratchet[ref] session in such and such way,
etc..."

We want to maintain "Signal" and "Signal Protocol" as names associated
with up-to-date high-quality software, the latest protocol features, and
all the specific choices that we've made in implementing these concepts.
 We've made those choices very carefully, we will continue to update
them carefully, and we want people to have confidence they will benefit
from that care when they see the word "Signal."

The Signal trademark allow us to ensure that remains true; we hope to
develop a trademark licensing program in the near future, similar to
what the Linux Foundation does with Linux.  In the meantime, definitely
get in touch if you want to use the name "Signal" to represent your app.

Thanks,

- moxie

On 11/20/2016 01:18 PM, Trevor Perrin wrote:
> Hi all,
> 
> A spec for the "Double Ratchet" algorithm is available at [1].
> 
> We'd welcome feedback, as usual.
> 
> Trevor
> 
> [1] https://whispersystems.org/docs/
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
> 

-- 
http://www.thoughtcrime.org


More information about the Messaging mailing list