[Cryptography] Signal planning no support for plaintext SMS
Ralf Senderek
crypto at senderek.ie
Fri Nov 4 06:01:29 EDT 2022
On Thu, 3 Nov 2022, Peter Gutmann wrote:
> Is there any secure IM software that doesn't suck? Or, alternately, is severe
> suckage a prerequisite for secure IM software to filter out anyone who isn't
> really serious about having encrypted comms?
There is certainly a lot of suckage that can be avoided. But as we cannot trust
our famous PKI in today's state the one suckage that is inevitable IMHO
is the need to exchange one single initial secret with the person you'd want to
communicate with. Without this, the communication may be encrypted but not
authenticated, which counts as not secure on this list.
Including to avoid any metadata in the definition of secure opens another can of
worms altogether.
--ralf
More information about the cryptography
mailing list