status-im
/
specs
mirror of https://github.com/status-im/specs.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

para

This commit is contained in:
decanus 2019-08-26 15:23:51 +02:00
parent c0ed039239
commit 5a6b40b2ce
No known key found for this signature in database
GPG Key ID: E95B8C69228FF5B4
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
x4.md
View File

@ -52,8 +52,10 @@ Conversational Security Layer provides various cryptographical properties:
1. **Confidentiality** - Ensure only intended recipients are able to read a message.
2. **Integrity** - No honest party will accept a message modified in the transit.
3. **Authentication** - Each participant in the conversation receives a proof of possession of a known long-term secret from all other participants. In addition, each participant is able to verify that a message was sent from the claimed source. This assumes trust has already been established, see [Initial Trust Establishment Specification](x5.md).
4. **Forward secrecy** - Also known as perfect forward secrecy (PFS), gives assurance that session keys will not be compromised even if the private key is compromised. Also, compromising one session key will not result in compromising other sessions.
3. **Authentication** - Each participant in the conversation receives a proof of possession of a known long-term secret from all other participants. In addition, each participant is able to verify that a message was sent from the claimed source.
This assumes trust has already been established, see [Initial Trust Establishment Specification](x5.md).
5. **Forward secrecy** - Also known as perfect forward secrecy (PFS), gives assurance that session keys will not be compromised even if the private key is compromised. Also, compromising one session key will not result in compromising other sessions.
Note: The Status Procol can work with PFS enabled and disabled. In the case of disabled PFS, the encryption is moved to the Privacy Layer and handled by Whisper. Whisper does **not** provide forward secrecy. This is a flaw of the original design which mixes security and private layer responsibilities. With PFS enabled, a message is encrypted twice.