[Cryptography] What is a secure conversation? (Was: online forums...)

[Jerry Leichter]

On Dec 28, 2013, at 11:49 AM, Phillip Hallam-Baker wrote:
> ...At some point it is going to be easier to design one protocol that supports all the different messaging modes with security built in rather than working out how to back-fit security into each legacy protocol separately....
Except that there is a line at synchronous vs. asynchronous communication that divides mechanisms with fundamentally different characteristics.  Synchronous communication can have perfect forward security; asynchronous communications cannot.

This division bothers me.  It seems to me there's something missing in our descriptions so that we fail to capture the nature of this distinction.  It feels as if there should be a continuum here, where you get full PFS for communications with an arbitrarily short lifetime, degenerating into the usual more limited guarantees for things that are stored long term.  And I suppose you could come up with a simple theory along that line, where you need to retain keying material only as long as some message isn't delivered.  But this seems very forced and unnatural.  I think we're missing something.

                                                        -- Jerry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131228/71b9f7cd/attachment.html>