On Fri, 2016-06-10 at 07:13 -0700, Wei Chuang wrote: > >That said, your Axolotl header encryption could be a wide block > > cypher that encrypted the body too. > > I'm not familiar with Axolotl header encryption. Do you mean to use > Axolotl to help protect the header metadata?
No. It provides traffic whitening and keeps the ratchet itself from leaking metadata about replies. But compared with catastrophe of SMTP itself, the metadata leaked by Axolotl, GPG, etc. seem irrelevant. It uses the previous root key to create a key for encrypting the header that is known by both sides. In effect, it extracts a kind of 3-step ratchet from the axolotl 2-step ratchet. Pond's ratchet does this for example. Jeff
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Messaging mailing list Messaging@moderncrypto.org https://moderncrypto.org/mailman/listinfo/messaging
