Comparison between forward secrecy of HC modes, SCIMP and ZRTP

One of the things some people have asked me is what the difference between the HC modes and the forward secrecy provided by protocols such as SCIMP or  ZRTP.

SCIMP has a one-way key derivation, similar to my Hash Chain Prefix  (HCP) mode. Since it is supposed that messages sent are short, I see no performance problem in re-keying the AES cipher over and over. You can check the section “Forward Secrecy” of the paper.

ZRTP also has some kind of forward secrecy, but only after the audio stream is closed. The key derivation function is explained here. So for ZRTP I would suggest changin the AES-CTR mode to HCCK, with counter re-hashing every 5K blocks, and consecutive counters in between.

For long conversations or for streaming real-time audio/video surveillance, it is much better to provide forward secrecy at the block level, or every minute using HCCK.

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: