From 5a6b40b2ce411e6794d86d94ded16c2fce3132b4 Mon Sep 17 00:00:00 2001 From: decanus Date: Mon, 26 Aug 2019 15:23:51 +0200 Subject: [PATCH] para --- x4.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/x4.md b/x4.md index 433413c..28bda55 100644 --- a/x4.md +++ b/x4.md 
@@ -52,8 +52,10 @@ Conversational Security Layer provides various cryptographical properties: 1. **Confidentiality** - Ensure only intended recipients are able to read a message. 2. **Integrity** - No honest party will accept a message modified in the transit. -3. **Authentication** - Each participant in the conversation receives a proof of possession of a known long-term secret from all other participants. In addition, each participant is able to verify that a message was sent from the claimed source. This assumes trust has already been established, see [Initial Trust Establishment Specification](x5.md). -4. **Forward secrecy** - Also known as perfect forward secrecy (PFS), gives assurance that session keys will not be compromised even if the private key is compromised. Also, compromising one session key will not result in compromising other sessions. +3. **Authentication** - Each participant in the conversation receives a proof of possession of a known long-term secret from all other participants. In addition, each participant is able to verify that a message was sent from the claimed source. + + This assumes trust has already been established, see [Initial Trust Establishment Specification](x5.md). +5. **Forward secrecy** - Also known as perfect forward secrecy (PFS), gives assurance that session keys will not be compromised even if the private key is compromised. Also, compromising one session key will not result in compromising other sessions. Note: The Status Procol can work with PFS enabled and disabled. In the case of disabled PFS, the encryption is moved to the Privacy Layer and handled by Whisper. Whisper does **not** provide forward secrecy. This is a flaw of the original design which mixes security and private layer responsibilities. With PFS enabled, a message is encrypted twice.
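Review bot: The added line for the forward secrecy item renumbers it from `4.` to `5.`, so the list now runs 1, 2, 3, 5 with no item 4. Keep it as `4. **Forward secrecy**` unless a fourth property is meant to be inserted in this change. The sentence "This assumes trust has already been established, see [Initial Trust Establishment Specification](x5.md)." is now a separate paragraph after item 3. Check that it is indented to the list item's content column so it stays attached to the Authentication item rather than ending the list. While editing this block, the unchanged context line "The Status Procol can work with PFS enabled and disabled" has a typo ("Procol") that could be fixed in the same change. The subject line "para" says nothing about the change; something like "split trust assumption into its own paragraph" would be easier to find in the history.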