GNUnet Messenger API: December 2024
Hello, last month I’ve started to mention that I began to implement forward secrecy into the Messenger service of GNUnet . The fallback for key exchange in an epoch of messages is already working. Senders of messages will generate a new key just in time and announce it. Other members of that chat epoch will appeal the new key if missing and potentially gain access if allowed. As a way to improve key exchange further I’ve utilized a key derivation function to generate new epoch keys from ones of the previous epoch if and only if all members of the previous epoch are members of the new epoch (for example in case a new member has joined the chat). Otherwise a full exchange of a new and independent key is required to avoid access leakage to previous members that already left the chat. The last remaining step to improve efficiency further requires the setup of groups (or subgroups) inside an epoch. Those groups will either be formed by two members of an epoch or two groups of the same...