summaryrefslogtreecommitdiff
path: root/docs/tech
diff options
context:
space:
mode:
Diffstat (limited to 'docs/tech')
-rw-r--r--docs/tech/hard-problems.md10
1 files changed, 7 insertions, 3 deletions
diff --git a/docs/tech/hard-problems.md b/docs/tech/hard-problems.md
index 72e39a9..d8a748e 100644
--- a/docs/tech/hard-problems.md
+++ b/docs/tech/hard-problems.md
@@ -66,11 +66,10 @@ In the short term, we are layering forward secret transport for email and chat r
This approach is potentially effective against external network observers, but does not achieve forward secrecy from the service providers themselves.
-In the long term, we plan to work with other groups to create new encryption protocol standards that can be both asynchronous and forward secret. There are several proposals for this:
+In the long term, we plan to work with other groups to create new encryption protocol standards that can be both asynchronous and forward secret. :
* [Forward Secrecy Extensions for OpenPGP](http://tools.ietf.org/html/draft-brown-pgp-pfs-03)
-* [Forward Secrecy for Asynchronous Messages](https://whispersystems.org/blog/asynchronous-security/)
-* Trevor Perrin's unpublished "Conversation Encryption" protocol
+* [Triple elliptical curve Diffie-Hellman handshake](https://whispersystems.org/blog/simplifying-otr-deniability/)
### Group problem
@@ -82,6 +81,11 @@ We have a lot of ideas, but we don't have any solutions yet to fix this. Essenti
Most of the interesting work in this area has been done by companies working on secure file backup/sync/sharing, such as Wuala and Spideroak. Unfortunately, there are not yet any good open protocols or free software packages that can handle group cryptography.
+There is some free software work on some of interesting building blocks that could be useful in building group cryptography. For example:
+
+* [Proxy re-encryption](https://en.wikipedia.org/wiki/Proxy_re-encryption): This allows the server to re-encrypt to new recipients without gaining access to the cleartext. The [SELS mailing list manager](http://sels.ncsa.illinois.edu/) uses OpenPGP to implement a [clever scheme for proxy re-encryption](http://spar.isi.jhu.edu/~mgreen/proxy.pdf).
+* [Ring signatures](https://en.wikipedia.org/wiki/Ring_signature): This allows any member of a group to sign, withing anyone knowing which member.
+
### Resource problem
The problem:
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 12:20:30 +0000