即时通信的端到端加密在OTR到Double Ratchet之间经历了多种算法,我打算把这些算法的发展历程整理一下。
先看看SCIMP:
[SCIMP]: https://netzpolitik.org/wp-upload/SCIMP-paper.pdf
[SCIMP-INSECURE]: https://eprint.iacr.org/2016/703.pdf
刚刚把Double Ratchet看懂了,其实就是结合了OTR的DH Ratchet和SCIMP的KDF Ratchet.去掉了OTR的key advertising,KDF Ratchet里面的chain key再派生一次用作message key使得chain key不用长时间保留。
先看看SCIMP:
[SCIMP]: https://netzpolitik.org/wp-upload/SCIMP-paper.pdf
[SCIMP-INSECURE]: https://eprint.iacr.org/2016/703.pdf
刚刚把Double Ratchet看懂了,其实就是结合了OTR的DH Ratchet和SCIMP的KDF Ratchet.去掉了OTR的key advertising,KDF Ratchet里面的chain key再派生一次用作message key使得chain key不用长时间保留。