[Standards] OMEMO Key Agreement

Remko Tronçon remko at el-tramo.be
Mon May 29 15:40:30 UTC 2017


On 29 May 2017 at 07:53, Remko Tronçon <remko at el-tramo.be> wrote:

> - We change the Identity keys to be Ed25519 keys instead of Curve25519.
>

To clarify this a bit further: this is only about what is published (i.e.
the public part of the identity key). Internally, libsignal-based clients
can still keep on using Curve25519 keys (including signing the prekeys with
XEdDSA), so there's no change necessary in the state storage etc. All that
needs to change is the identity publishing step, the prekey signature
verification and the DH operation on the peer identity key (own identity
keys are already Curve25519, so don't need Ed2Curve). The key size of the
public keys is the same for Ed25519 and Curve25519, so there shouldn't be a
need for type changes in the chain from key parse to X3DH in libsignal.

Remko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170529/cf6d0060/attachment.html>


More information about the Standards mailing list