[Cryptography] New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat
Ferecides de Siros
filosofarte at protonmail.com
Mon Sep 8 22:18:21 EDT 2025
On Monday, September 8th, 2025 at 13:33, Pierre Abbat <phma at bezitopo.org> wrote:
> Shannon's proof of perfect security does not apply if you use /dev/urandom
> How well does the gentleman
> protocol work with long, variable latency and participants dropping out
> because of storms?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi Pierre,
On randomness: You're absolutely right about the information-theoretic requirements.
The implementation prioritizes hardware TRNGs when available. When only /dev/urandom
or CSPRNGs are available, the security reduces to computational rather than perfect
secrecy, though the protocol design itself maintains information-theoretic guarantees
assuming proper random material.
On connectivity: The current Gentleman Protocol assumes reasonably stable networks.
With high/variable latency or frequent dropouts:
- - Turn-taking becomes challenging (timeouts need adjustment)
- - Dropped participants cause desynchronization
- - Re-synchronization mechanisms would be needed
For satellite/unstable networks like you describe, additional features would be required:
heartbeat detection, adaptive timeouts, and re-sync protocols. The current implementation
is optimized for stable networks but your real-world scenarios highlight important areas
for future development.
Thanks for these practical considerations - they're crucial for real-world deployment.
Best,
Hitokiri
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOPhOn65N+XbUXMpWZ3IkUdCGxpUFAmi/jGYACgkQZ3IkUdCG
xpV8ag/+NLpsiIsZNAn99wMAGo09RoLioW5ZLtHULyyGiglBxc9BqjYU2r86s7+g
la9I1qukibODUMAqmAJthelVt1Hbsjaa2fy5AkmZ6lskXqFPjc22r4+9MIQUs3Sx
KLUt/EZQB1TvEqK4u4GcslKHZaJ/+tB4OxngpQ27QKxewMAk2pjIbnwoWdbitsX3
6Tm9DsP3HIo2/0b7vZnHpMPSO8CT1FjVZa0Y6YdB0iPz+GWS1eJzrWZHjuHeKQcM
7MP5t8T3Az23Zjabqd7ONekS2W/QGDGn11eMYC4XaTt28fgDX2Rng3L+7MH1w652
5k1t5eqADt0k+d0yNynXKemz6TWMRDGs64Nhg5wIXZqoQYuWWokw3Bqhj3tnaoWB
Y5RNVwaraqvxN/t0xH3dtccG0WLYRBuGwZFo02jIOFjxc0HZTobrf4+f2pQj8sGt
41fB8WsgNgfarWIVN4yFrKO52aZAnE0bqab46j/pFX0kRs/hD/HI3VLrfy19dLvc
0DitiVP72gEiAO2iedwpEiuyGOC1QmmPNEocURGohWKqS04+c9dC/RRDwCHPz7m/
d54C6gBnYCW/h+weX6oqQ+ewp4OqZubCDsq6gtrVt5OuQwhifVB+svDlivNkskd+
FB5fMc9sZJe+HOQg1J1EakllLW5WAqaoptCqZ7jSZiIHjEUsiLU=
=wkwK
-----END PGP SIGNATURE-----
More information about the cryptography
mailing list