On Mon, Sep 16, 2013 at 4:45 AM, Marco Pozzato <mpodr...@gmail.com> wrote: > Hi all, > > I'm looking for an asynchronous messaging protocol with support for forward > secrecy: I found some ideas, some abstract paper but nothing ready to be > used. > > OTR seems the preeminent protocol, but does not have support for > asynchronous communication. > This post https://whispersystems.org/blog/asynchronous-security/ describes > an interesting variation on OTR: the basic idea is to precalculate 100 > Diffie-Hellman and consume one at every new message.
Not at every new message. Only for starting a conversation with a new partner. Once a conversation is started, TextSecure uses OTR's "ratcheting" algorithm for updating DH keys as messages are exchanged. ( For a fuller picture of how this sort of key agreement could be done, you should also read that post in conjunction with the previous post: https://whispersystems.org/blog/simplifying-otr-deniability/ ) Trevor _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography