undefined | Better HN

0 pointsinfinity010y ago0 comments

This is a bad security argument. With OTR / FS in general, you can re-encrypt the plaintext using a different local-only key after decrypting the forward-secure ciphertext. Then, the ciphertext that was sent over the wire is still forward-secure, and your adversary must seize your computer in order to try to decrypt the re-encrypted non-FS ciphertext you use for logs/archiving.

There really is no reason to use non-FS encryption over FS encryption for ciphertext sent over the wire.

0 comments

1 comments · 1 top-level

ultramancool10y ago

Yeah, what I always did was keep the logs on an encrypted file system... it's not like you're going to pcap your traffic to store your chat logs.

j / k navigate · click thread line to collapse