-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Matej Kovacic wrote: > OK, the problem is what if authority force you to reveal the keys? > > I am sure you all know this: > > http://www.cypherpunks.ca/otr/Protocol-v2-3.0.0.html > Perfect forward secrecy > If you lose control of your private keys, no previous conversation > is compromised. > > Why not to add aditional feature: to generate keys each time Tor is > started (or even for each "conversation")? > > Then you have perfect forward secrecy AND also future secrecy (except an > attacker steals key for each "conversation" at the beginning of it). And > if keys are not stored anywhere, you can't give them. > > > Or this has already been discussed and I am missing something? > bye, Matej
Problem is that key generation with adequate entropy levels is time and processor intensive. It all depends on how big your keys are tho. I use a 4096 bit pgp key and it often takes up to 5 minutes to generate a new key. With a hardware RNG it's not so bad, but with a software one you are dependent on stochastic phenomena disrupting the orderliness of the computer's executions stream. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) iD8DBQFEaZ3kGkOzwaes7JsRAwZ9AJ9iZHEbAGuFH4JjtJyyv6fSFAht3QCfeKaV vaV700/gaShGuUPeSMcJgZQ= =4+4O -----END PGP SIGNATURE-----
