-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 18/09/13 17:27, Trevor Perrin wrote: > Hmm, I would've thought clocks are *less* reliable than storage on > most devices.
That may be true, but this isn't a choice between relying on the clock or relying on storage. It's a choice between relying on both, or relying only on the clock. > Certainly this has worse forward-secrecy than updating keys > per-message, as keys for old ciphertext are kept around for some > period. Yes, updating keys per-message would be preferable if we could assume an ongoing two-way exchange of messages. For OTR's instant messaging use case that's a reasonable assumption. For Briar's use case it's not. Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJSOeFqAAoJEBEET9GfxSfMJFEH/jnyd3SAYKhNAhQVFOYlvyy1 zckK4VQClQPEOwRcidSud9zSxblRQXQGJSO+pB23niHgpbomzDx7fc5jKlShF/yt sZ8qJ2gj13xZey0rp+DWK3DCcKq0erEbDd58bngJsHtFoVyjYpsZKfMi8Mqhl3iN 2QvEXkwkUzVTSX8bks30WRgGAObimvEHAOU7eOY32xZgy/l2VwUDOws5fd0lc5+p +HcEQLyckkSZnaF6C/vXa6jbNYigRLzR+UslIVnshg1BWrgShxe+f+2TtWhLDNqD 1y0vRdhW+JzQYcwmmTQyHpKGl5qCQ6vmkYxdmsm6JvGLFR06q+FG8thaWE/VCU4= =hmqv -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography