On 2013-02-20 6:21 AM, Jonathan Warren wrote:

It is tricky indeed. The handshaking necessary to set up the session key could 
piggyback on the first couple messages that users send to one another although 
those first several messages would not be forward-secret. I suppose that the 
session key could then be replaced with each message sent: The sender of a 
message would keep track of two session keys- one that the other party used 
previously (so that you can receive consecutive replies) and a new one that you 
are encouraging them to use on the next message.  I think it would work.

If store and forward, cannot be forward secrecy.

Suppose that human readable messages, messages that might contain important secrets, are only exchanged when the sender and the final recipient are both online at the same time, then forward secrecy no problem. Both parties set up a shared transient secret session key, as usual, which goes away when offline, reboot, or timeout.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to