[Cryptography] Is "perfect forward secrecy" the biggest fraud of last decade?
Ersin Taskin
hersintaskin at gmail.com
Sun Sep 2 16:59:48 EDT 2018
On Thu, Aug 30, 2018 at 11:01 PM Ismail Kizir <ikizir at gmail.com> wrote:
> On Thu, Aug 30, 2018 at 4:49 PM William Allen Simpson
> <william.allen.simpson at gmail.com> wrote:
>
> > Does Signal really only use asymmetric algorithms?
>
> No.
> They don't!
> But, Signal Protocol has no Pre-shared symmetric key support either.
> As I already wrote several times here: PSK is the preferred method of
> armies. And they are the creator of encryption.
> About half of my chat contacts, are my real life friends and I have
> possibility to see them physically in real life.
> A simple face-to-face symmetric key exchange(by optical ways, via a qr
> code, barcode etc.) would be enough in applications, if it was defined
> in the protocol!
> Consequently, Signal, enforces everybody to use weaker(asymmetric)
> encryption where stronger(symmetric) encryption can be used!
> And everybody knows that asymmetric encryption will surely be broken!
> And it has been so popular nearly every instant messenger application
> just adopts it.
> This is horrible: This is a long term blackmail/profiling data in
> mid-term!
A high quality software platform claiming high quality encryption must
provide power users the option to avoid asymetric encryption when possible,
which boils down to pre-shared key in most cases.
Dear Ismail,
I wonder why PSK option is not present in Whatsapp, etc.? If it were, I
could/would definitely use it with a lot of people in my contacts
comprising a great deal of my communication. Do you suggest this is because
of a massive conspiracy or just the same old convenieance vs security
trade-off cobined with users are dumb-cypherpunks are few? You seem to be
studying this subject matter more seriously than me. This question is
actually directed to the entire list.
Ersin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180902/e8231395/attachment.html>
More information about the cryptography
mailing list