The Call of the Open Sidewalk

From a place slightly to the side of the more popular path

User Tools

Site Tools


pgpfan:minimalist

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
pgpfan:minimalist [2020/05/27 19:29] – Another Signal comment. b.walzerpgpfan:minimalist [2021/06/15 19:50] (current) – Less awkward. b.walzer
Line 8: Line 8:
   - Your correspondent does the opposite operations to get the message.   - Your correspondent does the opposite operations to get the message.
  
-If you want to sign your message (a separate operation in PGP) then you:+If you want to sign your message then you:
  
   - Hash the message.   - Hash the message.
Line 16: Line 16:
 The simple key handling is where the minimalism comes from. It is why PGP can be used in so many non-email contexts. The simple key handling is where the minimalism comes from. It is why PGP can be used in so many non-email contexts.
  
-As a contrast, consider the Signal Protocol for instant messaging. I will not attempt to describe Signal in any detail as I would get parts of it wrong. It would also make for a pointlessly long article. There is a high level description of the Signal protocol [[https://signal.org/docs/|here]]. Some comments:+As a contrast, consider the Signal Protocol for instant messaging. I will not attempt to describe Signal in any detail as I would get parts of it wrong. It would also make for a pointlessly long article. There is a high level description of the Signal protocol [[https://signal.org/docs/|here]]. None of the following comments are intended to be critical, they are intended to give an idea of the level of complexity of the protocol in total:
  
-  * Signal has at least 2 systems for creating [[pgpfan:forward_secrecy|forward secrecy]]. Each of those systems has a system to detect and deal with loss of synchronization+  * Signal has at least 2 systems for creating [[pgpfan:forward_secrecy|forward secrecy]]. Each system requires a system to deal with loss of synchronization.
-  * Because of the integration of authentication and encryption, more functionality is required to undo the authentication and produce deniability.+
   * A Signal session requires the storage and maintenance of a lot of state information.   * A Signal session requires the storage and maintenance of a lot of state information.
-  * Signal constantly generates new keys.+  * Signal normally uses a server based "prekey" system to deal with the case where a client is offline and thus is unable to negotiate. 
 +  * Signal achieves partial [[pgpfan:repudiability|deniability]] with a triple Diffie-Hellman key exchange. OpenPGP achieves [[pgpfan:anonymous|complete deniability]] by not signing the message in the first place. 
 +  * Supporting the Signal protocol in practice requires a separate system to store and protect past messages((Currently (2021) this invokes an entire database system (SQLite) with an encryption extension to protect the secrecy of the old messages.)). Since this is at odds with [[forward_secrecy|forward secrecy]] such a system will end up with a system to delete old messages. 
 + 
 +The Signal Protocol is built on ideas from the [[pgpfan:off_the_record|Off the Record]] (OTR) protocol. Interestingly enough, OTR was intended to improve PGP by adding extra functionality. Signal adds functionality on top of the OTR functionality. So Signal could be considered the result of an attempt to improve something by making it more complex. 
 + 
 +I believe that reliability and security are best achieved with simple systems. OpenPGP is a standard that describes such a system. 
 + 
 +[[pgpfan:index|PGP FAN index]]
  
-The Signal Protocol is built on ideas from the [[pgpfan:off_the_record|Off the Record]] (OTR) protocol. Interestingly enough, OTR was intended to improve PGP by adding extra functionality. Signal adds functionality on top of the OTR functionality. So Signal could be considered the result of an attempt to improve something by making it more complex. I am one of those that feel that reliability and security are best achieved with simple systems. 
  
pgpfan/minimalist.1590607745.txt.gz · Last modified: 2020/05/27 19:29 by b.walzer