undefined | Better HN

0 pointstptacek9y ago0 comments

You mean the Signal Protocol. That's its name. Axolotl was a name for a major component of Signal Protocol. Moxie and Trevor Perrin designed the protocol for Signal, and it's under active development. They own the protocol, its direction, and its documentation.

Other projects can adopt parts of the Signal Protocol, and doing that is certainly better than just making stuff up. But Signal owns the protocol, because the experts who own the protocol are attached to Signal.

0 comments

Arathorn9y ago

Yeah, just to clarify: Olm (matrix.org/git/olm) is an entirely independent implementation of the Double Ratchet algorithm (based on Trevor's original public domain spec sketch, which was originally called 'axolotl').

It's not connected to Signal or Signal Protocol or Open Whisper Systems, and subsequently we've added an entirely different new ratchet (Megolm - https://matrix.org/docs/spec/megolm.html) to handle Matrix's specific requirements for E2E.

tptacekOP9y ago

Crypto engineers tend to like the Axolotl design, which is an unusually serious cryptographic design for a messaging protocol (historically, messaging crypto has been cryptographically slapdash, with the exception of OTR).

But the reason crypto people are so positive about Signal Protocol isn't just that they like the ratchet. It's also that they trust the entire design of the system, not just the ratchet but all the rest of the cryptographic details, and also the oversight of the protocol.

It's kind of the same way that crypto engineers like stream ciphers designed as simple hash cores running in counter mode, but really what they like is stuff that Dan Bernstein designs --- they aren't encouraging you to go design your own hash-core based stream cipher!

So: it's good that these other systems adopting "Axolotl" are at least starting from a cryptographically serious place. But it's a bit jarring to see them reference "Axolotl" as if it answered the question of "why should we trust this cryptography".

A better answer would be to provide the bios of the people who designed and implemented the crypto in these systems.

Arathorn9y ago

Well, I hope on Matrix we've not been blindly namedropping axolotl/double-ratchet: instead we've tried to be as transparent as possible (more-so perhaps than OWS) in terms of speccing what we've been doing (https://matrix.org/docs/spec/olm.html, https://matrix.org/docs/spec/megolm.html, http://matrix.org/docs/olm_signing.html, https://matrix.org/speculator/spec/drafts%2Fe2e/client_serve... etc). Thanks to the Open Tech Fund we also got libolm audited by NCC Group - and we've ensured that the audit report will be publicly released (mid-Nov). Hopefully the audit & the code will speak for itself, and certainly speak stronger than bios.

1 more reply

j / k navigate · click thread line to collapse

0 comments

Arathorn9y ago

tptacekOP9y ago

A better answer would be to provide the bios of the people who designed and implemented the crypto in these systems.

Arathorn9y ago

1 more reply

j / k navigate · click thread line to collapse