privacylab / talek

a Private Publish Subscribe System
BSD 2-Clause "Simplified" License

Key exchange between client and follower trust domains #23

Closed willscott closed 7 years ago

willscott commented 7 years ago

There's some care here around the encryption process for messages between the client and the follower trust domains that go beyond link-layer security.

We've talked about a symmetric random overlay xor'ed on responses that the client can then xor out on its side. Figuring out what that is on the way out, and figuring out the process for passing requests onwards to those follower trust domains, is something we should write a formal description for.

willscott commented 7 years ago

It sounds like the basic structure to follow will be:

One worry is that if requests are directly encrypted to the server's public key, subsequent loss of that key will lose forward secrecy. At a minimum, once initial functionality is achieved, we should then work towards time-based derived server keys announced and rotated on a regular basis.
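Added example, not code from talek: one round trip of the scheme sketched in the two comments above, with the third comment's per-epoch follower key on the receiving end. The client sends a fresh random pad inside an AES-GCM box keyed from an ephemeral X25519 exchange with the follower's announced epoch key; the follower xors the pad onto its response, and the client xors it back out. Everything below that is not in the thread is this example's own assumption: SHA-256 over a label stands in for a real KDF, the follower holds exactly one key per epoch and drops the previous one on rotation, a one-byte slot index replaces Talek's actual request format and PIR, and the fixed nonce is safe only because every key is derived once and used once.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

const respLen = 32 // fixed response size, so the client knows how long a pad to send

// Request: epoch of the follower key used, the client's ephemeral X25519 public
// key, and an AES-GCM box holding pad || request body.
type Request struct {
	Epoch    uint32
	ClientPK []byte
	Box      []byte
}

// Follower keeps only the current epoch's X25519 private key; Rotate replaces it,
// so a later compromise of the follower cannot unwrap earlier epochs' requests.
type Follower struct {
	epoch uint32
	priv  *ecdh.PrivateKey
	data  []byte // constructed stand-in for the follower's database
}

// Rotate installs a fresh key for epoch e and returns the public key to announce.
func (f *Follower) Rotate(e uint32) *ecdh.PublicKey {
	f.epoch, f.priv = e, must(ecdh.X25519().GenerateKey(rand.Reader)) // old key dropped
	return f.priv.PublicKey()
}

// Handle unwraps a request with the current epoch key, answers it, and returns
// the answer xor'ed with the client's pad, so the wire carries only noise.
func (f *Follower) Handle(req Request) ([]byte, error) {
	if req.Epoch != f.epoch {
		return nil, errors.New("request names an epoch whose key is no longer held")
	}
	clientPK, err := ecdh.X25519().NewPublicKey(req.ClientPK)
	if err != nil {
		return nil, err
	}
	shared, err := f.priv.ECDH(clientPK) // also rejects low-order points
	if err != nil {
		return nil, err
	}
	key := sessionKey(shared, req.ClientPK, f.priv.PublicKey().Bytes())
	pt, err := aead(key).Open(nil, zeroNonce, req.Box, nil)
	if err != nil || len(pt) < respLen+1 {
		return nil, errors.New("request did not open or is too short for pad || body")
	}
	pad, body := pt[:respLen], pt[respLen:]
	idx := int(body[0]) % (len(f.data) / respLen) // constructed lookup: body is a slot index
	return xor(f.data[idx*respLen:(idx+1)*respLen], pad), nil
}

// MakeRequest draws a fresh pad, derives a one-time key from an ephemeral X25519 key
// and the follower's announced epoch key, seals pad || body under it, and returns the
// request plus the pad the client must keep to unmask the reply.
func MakeRequest(epoch uint32, followerPK *ecdh.PublicKey, body []byte) (Request, []byte) {
	eph := must(ecdh.X25519().GenerateKey(rand.Reader))
	shared := must(eph.ECDH(followerPK))
	pad := make([]byte, respLen)
	must(rand.Read(pad))
	key := sessionKey(shared, eph.PublicKey().Bytes(), followerPK.Bytes())
	box := aead(key).Seal(nil, zeroNonce, append(append([]byte{}, pad...), body...), nil)
	return Request{Epoch: epoch, ClientPK: eph.PublicKey().Bytes(), Box: box}, pad
}

// Each key comes from a fresh ephemeral key and seals exactly one message, so a fixed
// nonce is safe here; reusing a key across messages would break that argument.
var zeroNonce = make([]byte, 12)

func aead(key []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(key)))) }

// sessionKey binds the shared secret to both public keys. SHA-256 over a label stands
// in for a real KDF here (this example's assumption, not the project's choice).
func sessionKey(shared, clientPK, followerPK []byte) []byte {
	h := sha256.New()
	for _, p := range [][]byte{[]byte("talek-issue23-example-v0"), shared, clientPK, followerPK} {
		h.Write(p)
	}
	return h.Sum(nil)
}

// xor is the overlay itself: the same call masks on the follower and unmasks on the client.
func xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func main() {
	data := make([]byte, 4*respLen) // four constructed 32-byte slots filled with 'A'..'D'
	for i := range data {
		data[i] = byte('A' + i/respLen)
	}
	f := &Follower{data: data}
	pk1 := f.Rotate(1)
	req, pad := MakeRequest(1, pk1, []byte{2})
	masked := must(f.Handle(req))
	fmt.Printf("on the wire: %x\nclient sees: %s\n", masked, xor(masked, pad))
	f.Rotate(2) // epoch 1's key is gone, so a request sealed to it no longer opens
	req, _ = MakeRequest(1, pk1, []byte{2})
	_, err := f.Handle(req)
	fmt.Println("epoch 1 request after rotation:", err)
}
```

Two things the round trip makes concrete. The pad gives the follower a response it cannot be made to leak on the wire, but only if the pad itself travels under a key the follower alone can open, which is why the request box is authenticated as well as encrypted; a flipped byte in it is rejected rather than producing a garbage pad. Per-epoch keys bound the damage of a leaked follower key to one epoch of recorded traffic, but only because Rotate forgets the old private key; that is a deletion discipline, not the key ratchet discussed later in the thread, and an attacker who steals the current key still reads the current epoch.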

ryscheng commented 7 years ago

Seems reasonable.

Maybe we can reuse some pre-existing library for ratcheting keys.

willscott commented 7 years ago

This is addressed now. Ratcheting keys remains an issue, but is a different one from this.