Closed karol-bisztyga closed 3 years ago
Is triple DH something else than extended triple DH(X3DH)?
It is, it differs slightly. The 3DH implementation used in libolm uses only IKB and OPKB mentioned in the Signal docs. The one-time key (OPKB) can be signed or not, depends on what clients want to do, the identity keys (IKB) are signed.
I also understood from the code that after establishing sessions successfully you can just exchange messages and it works ok with the double ratchet, is that correct?
Yes, once a Session
is established the two ratchets are incremented inside the Session
object.
Am I missing anything? Do I have to implement x3dh on my own using some specific functions from the olm library or is it handled on a high level? What's a proper way of doing this?
If you want x3dh you'll have to modify the source of libolm, it doesn't support picking a different implementation or providing an external shared secret to establish the Session
.
Hope this helps somewhat.
Thanks for the reply ❤️ Is there any doc describing 3DH maybe similar to this one so I could have an exact comparison of what are the differences? I haven't found any :(
Also what I'm interested in in the first place is whether 3DH provides forward secrecy. Do you happen to know that? Still, a detailed doc would be very helpful, thanks!
Thanks for the reply heart Is there any doc describing 3DH maybe similar to this one so I could have an exact comparison of what are the differences? I haven't found any :(
The docs can be found on the Gitlab, the 3DH setup is described here, albeit a bit briefly.
Also what I'm interested in in the first place is whether 3DH provides forward secrecy. Do you happen to know that? Still, a detailed doc would be very helpful, thanks!
It does, the usage of the one-time key in the 3DH step ensures forward secrecy.
thanks for the info! You helped a lot 🙌
Hey! I'm sorry if this issue is out of the story a bit but I got really confused about how things work in the olm library.
I want to implement X3DH + double ratchet using the olm library. Now, I followed the linked docs: this and from there I got to this one about X3DH. I think I more or less understand how things work, but I have a hard time connecting all those parts with what's in the olm codebase.
The first thing is integration with X3DH - How to do this exactly? First, I saw that here the shared secret key is calculated using
triple DH
:Is triple DH something else than extended triple DH(X3DH)? The reason it's confusing is that in the docs you have something like this:
At the same time to successfully create sessions in olm, you only need identity keys and one-time keys(inbound, outbound). In the docs, it's said that you also need a signed prekey, a signature, and also that one-time keys are optional. I also understood from the code that after establishing sessions successfully you can just exchange messages and it works ok with the double ratchet, is that correct?
Am I missing anything? Do I have to implement x3dh on my own using some specific functions from the olm library or is it handled on a high level? What's a proper way of doing this?
Thanks in advance and sorry if this turns out silly, peace!