consistent pcp/pbp formats (was: Curve p25519 Replacements for GnuPG?(x2 now) ..)
stef
s at ctrlc.hu
Tue Jan 21 02:37:28 PST 2014
On Tue, Jan 21, 2014 at 01:32:23PM +0400, Yuriy Kaminskiy wrote:
> Well, if you look at code, actual format is a bit different:
thanks for catching that!
> Correct format should be:
> 6[1]|temp_keypair.pubkey|len(recipients)[4]|(recipients...)|(secretboxes...)
> where recipients is a concatenated list of
> random_nonce|box(temp_keypair.privkey, recipient crypto pk, random_nonce,
> packet key)
i think in this case the temp_keypair.pubkey should actually be signed by the
long-term signing key. otherwise it opens up again the trust problem. anyway i
don't see immediately why the asym approach is better instead of the sym, as
the asym does quite the same as the sym, only the key derivation is different.
--
pgp: https://www.ctrlc.hu/~stef/stef.gpg
pgp fp: FD52 DABD 5224 7F9C 63C6 3C12 FC97 D29F CA05 57EF
otr fp: https://www.ctrlc.hu/~stef/otr.txt
More information about the cypherpunks
mailing list