Normalize on "Forward Secrecy" (#2212)

This commit is contained in:
Daniel Gray 2023-06-28 06:06:49 +00:00
parent f55467fc01
commit 2029ecbb8d
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3
3 changed files with 6 additions and 5 deletions

View File

@ -99,13 +99,13 @@ The client software was independently [audited](https://briarproject.org/news/20
Briar has a fully [published specification](https://code.briarproject.org/briar/briar-spec).
Briar supports perfect forward secrecy by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
Briar supports Forward Secrecy by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
## Additional Options
!!! warning
These messengers do not have Perfect [Forward Secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) (PFS), and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications.
These messengers do not have [Forward Secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications.
### Element
@ -189,7 +189,7 @@ Session has a [whitepaper](https://arxiv.org/pdf/2002.04609.pdf) describing the
Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
- Should have Perfect Forward Secrecy.
- Should have Forward Secrecy.
- Should have open-source servers.
- Should be decentralized, i.e. federated or P2P.
- Should use E2EE for all messages by default.

View File

@ -279,13 +279,13 @@ A VPN is pointless if it can't even provide adequate security. We require all ou
**Minimum to Qualify:**
- Strong Encryption Schemes: OpenVPN with SHA-256 authentication; RSA-2048 or better handshake; AES-256-GCM or AES-256-CBC data encryption.
- Perfect Forward Secrecy (PFS).
- Forward Secrecy.
- Published security audits from a reputable third-party firm.
**Best Case:**
- Strongest Encryption: RSA-4096.
- Perfect Forward Secrecy (PFS).
- Forward Secrecy.
- Comprehensive published security audits from a reputable third-party firm.
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.

View File

@ -24,6 +24,7 @@
*[FCM]: Firebase Cloud Messaging
*[FDE]: Full Disk Encryption
*[FIDO]: Fast IDentity Online
*[FS]: Forward Secrecy
*[fork]: A new software project created by copying an existing project and adding to it independently
*[GDPR]: General Data Protection Regulation
*[GPG]: GNU Privacy Guard (PGP implementation)