ODIN.Chat a Secure, Blockchain-Powered, Decentralized-Messenger
ODIN wants you to own your conversation. Having realized the impending doomsday scenario where massive leaks of personal data lead to real-world consequences, ODIN Blockchain decided to do something about it and built ODIN.Chat, a blockchain-powered, secure messenger with the end user’s privacy in mind.
Part one of this series explained the Diffie-Hellman key exchange protocol that allows a private conversation via ODIN.Chat without exposing the encrypted key(s) to external parties.
Part two will discuss how a second layer of security — a key derivation function can act in unison with the Diffie-Hellman key exchange protocol allowing for a double ratchet protocol for enhanced messaging encryption.
More Keys and Their Definitions
Key Derivation Function Ratchet (KDF Ratchet) — We define a KDF as a cryptographic function that takes a secret and random KDF key and some input data and returns output data. The output data is indistinguishable from random provided the key isn’t known. (Signal.org)
Layer One: Diffie-Hellman Ratchet
Alice’s initial messages advertise her ratchet public key. Once Bob receives one of these messages, Bob performs a DH ratchet step: He calculates the DH output between Alice’s ratchet public key and his ratchet private key, which equals Alice’s initial DH output. Bob then replaces his ratchet key pair and calculates a new DH output: (Signal.Org)
That looks really secure. Wouldn’t a single ratchet message encryption be enough?
In short, maybe, but let’s discuss the benefits this second layer adds.
When online shopping, for instance, you generate an initial key via the Diffie-Hellman key exchange and in most situations, use that key in all transactions going forward. This single key model isn’t the greatest of ideas when it comes to messaging. Imagine a nefarious party has been tracking your messages for a year in their encrypted state. These stored encrypted messages are piling up while the attacker systematically tries key after key after key. Eventually, whether it be tomorrow or five years from now, they will happen across the correct key, leaving all past, present, and future messages exposed. In the event that your conversation was of high importance — i.e. private discussion with large government figureheads, or the exchange of highly valuable financial information, then the attacker may be incentivized enough to spend the resources necessary to establish the correct key and decrypt all of your conversation.
Layer Two: Adding the Symmetric Key Ratchet
Combining the symmetric-key and DH ratchets gives the Double Ratchet
The recipient applies a DH ratchet step to derive new receiving and sending chain keys. Then she applies a symmetric-key ratchet step to the receiving chain to get the message key for the received message: (Signal.Org)
As previously mentioned, the second layer of security fixes inherent flaws with a single ratchet model. Implementation of a second layer via a double ratchet system allows for the following:
Forward and Backward Secrecy
In the event that a future key is compromised, the current and key are safe thus negating the ability to read present messages. If a past key is compromised, current and future keys are secret. This forward and backward secrecy is often called a self-healing property in cryptography.
Why does this matter?
Let’s consider our earlier example of a private conversation between two parties.
It is incredibly costly to wage war against cryptographic protocols. The malicious parties are incredibly smart and highly motivated to expose vulnerabilities allowing for decryption of conversations. It is therefore advantageous to make the decryption of these messages as hard as possible — negating any incentive to reveal the hidden information.
For instance, suppose I tell you that should you find a way to decrypt this hypothetical conversation, the information will be worth some 1,000,000.00 dollars, and the proposition of doing so will cost 500,000.00 dollars. You have 500,000.00 reasons why you should act this out. Let’s then consider that adding a second layer of encryption makes the proposition of attaining the information no longer 500,000.00 dollars, but 20,000,000.00 dollars. The incentive has been negated it no longer makes sense to go about attacking this. Now in this scenario, you’ve been guaranteed that the information is worth 1,000,000.00 dollars, and the incentive has been built in for you. In nearly all cases, the information in any given message could be useless. You may spend a fortune of time and money on the decryption of a message that says, “Great. Sounds good.” or “Hello.” — not particularly juicy right? That’s the point. We want to make the opportunity cost so high that nefarious parties don’t waste their time.
Thank you for reading! Stay tuned for part three tomorrow!
About the author
Christopher Reeder is ODIN Blockchain’s Lead Content Strategist and Technical Writer. As an advocate and researcher, he is exploring technology’s impact on privacy.
Interested in Blockchain and Cryptocurrency Technologies? Join the ODIN community!
All community ongoings and official support take place on the ODIN Reddit. Free to join — get involved now!
Read more about how to get Ø(ODIN) here.