Cryptography nerds: How would you describe the forward secrecy properties of a protocol where receivers publish DH shares to a discovery service, along with an AES encrypted cookie of what the secret component is. Receivers hold the AES key and revoke/rotate it every 24 hours.
-
-
Time bounded semi-static PFS?
-
That's a good name for it! Reminds me of TLS tickets too.
- 1 more reply
New conversation -
-
-
I may have gaps in my understanding, but I'm struggling to distinguish the PFS properties of your algorithm versus rotating a published public key. In both, the recipient must retain secrets sufficient to decrypt stored messages for the rotation window (and until retrieval). No?
-
On the surface it's similar to rotating a static DH every 24 hours. Except that DH breaks (logjam, PQ) only leak one conversation per break, but an AES break would leak all.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.