Differences

This shows you the differences between two versions of the page.

--- pgpfan:minimalist [2020/05/30 21:53] – more to the point b.walzer
+++ pgpfan:minimalist [2021/06/15 19:50] (current) – Less awkward. b.walzer
@@ Line 8: / Line 8: @@
   - Your correspondent does the opposite operations to get the message.
-If you want to sign your message (a separate operation in PGP) then you:
+If you want to sign your message then you:
   - Hash the message.
@@ Line 18: / Line 18: @@
 As a contrast, consider the Signal Protocol for instant messaging. I will not attempt to describe Signal in any detail as I would get parts of it wrong. It would also make for a pointlessly long article. There is a high level description of the Signal protocol [[https://signal.org/docs/|here]]. None of the following comments are intended to be critical, they are intended to give an idea of the level of complexity of the protocol in total:
-  * Signal has at least 2 systems for creating [[pgpfan:forward_secrecy|forward secrecy]]. Those systems require a system to deal with loss of synchronization.
+  * Signal has at least 2 systems for creating [[pgpfan:forward_secrecy|forward secrecy]]. Each system requires a system to deal with loss of synchronization.
   * A Signal session requires the storage and maintenance of a lot of state information.
   * Signal normally uses a server based "prekey" system to deal with the case where a client is offline and thus is unable to negotiate.
-  * Signal achieves [[pgpfan:repudiability]] with a triple Diffie-Hellman key exchange.
+  * Signal achieves partial [[pgpfan:repudiability|deniability]] with a triple Diffie-Hellman key exchange. OpenPGP achieves [[pgpfan:anonymous|complete deniability]] by not signing the message in the first place.
+  * Supporting the Signal protocol in practice requires a separate system to store and protect past messages((Currently (2021) this invokes an entire database system (SQLite) with an encryption extension to protect the secrecy of the old messages.)). Since this is at odds with [[forward_secrecy|forward secrecy]] such a system will end up with a system to delete old messages.
+The Signal Protocol is built on ideas from the [[pgpfan:off_the_record|Off the Record]] (OTR) protocol. Interestingly enough, OTR was intended to improve PGP by adding extra functionality. Signal adds functionality on top of the OTR functionality. So Signal could be considered the result of an attempt to improve something by making it more complex.
+I believe that reliability and security are best achieved with simple systems. OpenPGP is a standard that describes such a system.
+[[pgpfan:index|PGP FAN index]]
-The Signal Protocol is built on ideas from the [[pgpfan:off_the_record|Off the Record]] (OTR) protocol. Interestingly enough, OTR was intended to improve PGP by adding extra functionality. Signal adds functionality on top of the OTR functionality. So Signal could be considered the result of an attempt to improve something by making it more complex. I am one of those that feel that reliability and security are best achieved with simple systems.