Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://chaos.social/users/jaseg/statuses/113827859077602908">jaseg (jaseg@chaos.social)'s status on Wednesday, 15-Jan-2025 02:22:03 JST</a><a href="https://chaos.social/@jaseg" title="jaseg@chaos.social"><img src="https://gnusocial.jp/avatar/151477-48-20230726215114.webp" width="48" height="48" alt="jaseg" style="position: absolute; left: 0; top: 0;">jaseg</a><div><a href="https://gnusocial.jp/notice/8554035" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/40873" title="dalias@hachyderm.io">Rich Felker</a></li><li><a href="https://gnusocial.jp/user/43513" title="sammi@libranet.de">sammi</a></li><li><a href="https://gnusocial.jp/user/67882" title="risottobias@tech.lgbt">Risotto Bias</a></li><li><a href="https://gnusocial.jp/user/110118" title="joelanman@hachyderm.io">Joe Lanman</a></li><li><a href="https://gnusocial.jp/user/309863" title="ambiguous_yelp@social.coop">🌱🏴‍🅰️🏳️‍⚧️🐧📎 Ambiyelp</a></li></ul></div></section><article><p><a href="https://furry.engineer/@soatok">@soatok</a> <a href="https://tech.lgbt/@risottobias">@risottobias</a> <a href="https://hachyderm.io/@dalias">@dalias</a> <a href="https://hj.9fs.net/khm">@khm</a> <a href="https://social.coop/@ambiguous_yelp">@ambiguous_yelp</a> <a href="https://libranet.de/profile/sammi">@sammi</a> <a href="https://hachyderm.io/@joelanman">@joelanman</a> </p><p>Another point worth noting is that the way they implemented PFS in signal's ratchet, it's not like you could compromise a session by breaking a single key exchange. Instead, in a hypothetical store-now-decrypt-later attack you would have to have a (gapless!) history of all traffic in either direction between two devices since they established contact, and you'd have to crack thousands of key exchanges.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4372755#notice-8554036">In conversation</a><time datetime="2025-01-15T02:22:03+09:00" title="Wednesday, 15-Jan-2025 02:22:03 JST">about 9 months ago</time> <span>from <span><a href="https://chaos.social/@jaseg/113827859077602908" rel="external" title="Sent from chaos.social via ActivityPub">chaos.social</a></span></span><a href="https://chaos.social/@jaseg/113827859077602908">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
jaseg (jaseg@chaos.social)'s status on Wednesday, 15-Jan-2025 02:22:03 JSTjaseg
in reply to
@soatok @risottobias @dalias @khm @ambiguous_yelp @sammi @joelanman
Another point worth noting is that the way they implemented PFS in signal's ratchet, it's not like you could compromise a session by breaking a single key exchange. Instead, in a hypothetical store-now-decrypt-later attack you would have to have a (gapless!) history of all traffic in either direction between two devices since they established contact, and you'd have to crack thousands of key exchanges.
In conversationabout 9 months ago from chaos.socialpermalink

Public

Embed Notice

HTML Code

Corresponding Notice