Score:1

changing the frequency of DH ratcheting in Double Ratchet algorithm


I was going through Signal's Double Ratchet algorithm specification, and they mention that the DH ratchet step is done for every message.

I'm curious what happens if you only ratchet once every X messages? Specifically, what info would be leaked to an eavesdropper, and could the protocol be adapted to handle this?

kelalaka:
From the source: "If an attacker steals one party's sending and receiving chain keys, the attacker can compute all future message keys and decrypt all future messages. To prevent this, the Double Ratchet combines the symmetric-key ratchet with a DH ratchet which updates chain keys based on Diffie-Hellman outputs."
Score:1

Essentially both ratchets are used to ensure that the encryption keys being used change for every single message. This ensures that if a message encryption key is ever compromised, an adversary can't also go back and decrypt any previous messages (forward secrecy).

If you just did the symmetric-key ratchet for X messages in a row, you'd still get a new key for every message, but the keys are predictable if an adversary obtained one of your chain keys. If an adversary did obtain one of your chain keys, then they could decrypt every message sent from that point onwards, until you used a DH ratchet to make a new chain key that the adversary could not predict.

This is fine, and is what happens when you send multiple messages in a row while the other participant is offline anyway, because you cannot perform a DH ratchet step without receiving a public key from them. It just means that you risk the adversary decrypting a few more messages (if they ever compromised your chain key) than they would be able to if you did a DH ratchet more regularly. The more often you can do a DH ratchet, the more unpredictable your encryption keys are, making it harder to compromise more than a few at a time.
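The exposure window described in the answer above can be measured with a small model. This is an added example, not part of the original answer or Signal's code: it uses the HMAC-based chain KDF constants (0x01, 0x02) recommended in the Double Ratchet specification, while the root KDF is simplified to HMAC, each DH output is modelled as fresh random bytes, and the function names and the `dh_every` parameter are hypothetical.

```python
import hashlib
import hmac
import os

def kdf_ck(ck):
    """Symmetric-key ratchet step: returns (next chain key, message key)."""
    mk = hmac.new(ck, b"\x01", hashlib.sha256).digest()
    nxt = hmac.new(ck, b"\x02", hashlib.sha256).digest()
    return nxt, mk

def kdf_rk(rk, dh_out):
    """Root KDF, simplified to HMAC for this model (the spec recommends HKDF)."""
    new_rk = hmac.new(rk, dh_out + b"rk", hashlib.sha256).digest()
    ck = hmac.new(rk, dh_out + b"ck", hashlib.sha256).digest()
    return new_rk, ck

def run_session(n_msgs, dh_every, leak_at):
    """Derive n_msgs message keys with a DH ratchet step every dh_every
    messages. Returns (keys, chain key as it stood before message leak_at)."""
    rk, ck = kdf_rk(os.urandom(32), os.urandom(32))
    keys, leaked = [], None
    for i in range(n_msgs):
        if i and i % dh_every == 0:
            # Assumption: fresh random bytes stand in for a new DH output.
            rk, ck = kdf_rk(rk, os.urandom(32))
        if i == leak_at:
            leaked = ck  # constructed compromise of the chain key only
        ck, mk = kdf_ck(ck)
        keys.append(mk)
    return keys, leaked

def exposed_messages(keys, leaked_ck, leak_at):
    """Message indices whose keys follow from the leaked chain key alone."""
    exposed, ck = [], leaked_ck
    for i in range(leak_at, len(keys)):
        ck, mk = kdf_ck(ck)
        if mk != keys[i]:
            break  # a DH ratchet step replaced the chain; exposure ends
        exposed.append(i)
    return exposed

if __name__ == "__main__":
    for every in (1, 4, 100):
        keys, leaked = run_session(12, every, leak_at=5)
        print(f"DH every {every}: exposed {exposed_messages(keys, leaked, 5)}")
```

In the real protocol a DH ratchet step also needs a new public key from the peer, so the interval is bounded by how often the other side replies, as the answer notes.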
