Florent Daigni?re wrote: > We are not debating the strength of the key here... The only purpose of > the outter layer encrytion is to avoid cheap pattern matching.
Agreed, the goal is obfuscation rather than strong encryption. However, that's orthogonal to the question of whether we need long refs to derive a suitable key. As far as I can see, we don't. For example, K = hash (A's ref, B's ref, random nonce generated by A). A's first message starts with the random nonce; the rest of the JFK exchange is obfuscated using K. The length of the refs has no effect on security, but it has a big effect on darknet usability. Cheers, Michael
