Communications security on a computer network requires the generation, distribution, storage, and management of cryptographic keys. Transmitted information can include text messages, files, voice, video, and other formats. (For the purposes here, "messaging" refers to data encrypted and delivered in any of these formats.) Messages are generally encrypted before transmission and held in encrypted form, and certain operations can be performed on data that is already encrypted. End-to-end encryption is characterized by the communicating parties being the only ones able to decrypt the messages: the intermediaries and third parties that relay the communication cannot read it, so secure communication remains possible even over a compromised network.
Secure Messaging (SM) has become the primary means of communication for billions of people worldwide, yet, with a few exceptions, the term lacks universally accepted formal definitions and security proofs. The Axolotl Ratchet, now known as the Double Ratchet Algorithm, combines the Diffie-Hellman (asymmetric) ratchet of the Off-the-Record (OTR) messaging protocol with the symmetric-key ratchet used by the Silent Circle Instant Messaging Protocol (SCIMP); the result is the now-ubiquitous Signal Protocol. Encrypting and authenticating every message under a fresh symmetric key, derived from a key-derivation chain and deleted once used, is the foundation of many modern end-to-end encrypted messaging products in commercial use.
Security proofs exist for a limited number of specific implementations, but none covers the generalized protocol, and none establishes security against attack by quantum computers: the Diffie-Hellman problem on which the Signal Protocol's asymmetric ratchet currently relies is solvable by Shor's algorithm, whereas post-quantum cryptography such as lattice-based or code-based algorithms has no known efficient quantum attack. While some existing ratcheting protocols achieve desirable properties such as forward secrecy and post-compromise security, the Signal-like protocols that do have formal proofs sacrifice immediate decryption (the ability to decrypt a message as soon as it arrives, even when earlier messages have not yet been received) and provide limited or no message loss retrieval (MLR) functionality.
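The per-message keying and the immediate-decryption property discussed above are easiest to see in code. The following is an illustrative example added here, not code from the original text or from any messaging product: it models one direction of a Double-Ratchet-style symmetric-key chain, where each message is encrypted and authenticated under a fresh key and the sender discards that key immediately, while the receiver keeps keys for skipped message numbers so that a delayed message can still be decrypted. It assumes the initial chain key is shared out of band (the DH ratchet that would refresh it is omitted), and the AEAD is a constructed HMAC-SHA256 stream cipher with encrypt-then-MAC standing in for a real cipher such as AES-GCM.

```python
"""Toy one-direction symmetric-key ratchet with immediate decryption.

Added illustrative example (not from the original document). Assumptions:
the initial chain key is shared out of band (no DH ratchet), and the AEAD
is a constructed HMAC-SHA256 stream cipher with encrypt-then-MAC, standing
in for a real cipher. Standard library only.
"""
import hashlib
import hmac
import os

HASH = hashlib.sha256
TAG_LEN = 32
NONCE_LEN = 16
MAX_SKIP = 100  # bound on skipped keys retained for late messages (DoS limit)


def kdf_chain(chain_key):
    """Advance the chain one step: returns (next_chain_key, message_key).
    Distinct labels keep the two outputs independent of each other."""
    next_ck = hmac.new(chain_key, b"\x02", HASH).digest()
    mk = hmac.new(chain_key, b"\x01", HASH).digest()
    return next_ck, mk


def _keystream(key, nonce, length):
    """Counter-mode keystream from HMAC (toy construction)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), HASH).digest()
        counter += 1
    return out[:length]


def aead_encrypt(mk, header, plaintext):
    enc_key = hmac.new(mk, b"enc", HASH).digest()
    mac_key = hmac.new(mk, b"mac", HASH).digest()
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, header + nonce + ct, HASH).digest()  # header is authenticated
    return nonce + ct + tag


def aead_decrypt(mk, header, blob):
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    enc_key = hmac.new(mk, b"enc", HASH).digest()
    mac_key = hmac.new(mk, b"mac", HASH).digest()
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, header + nonce + ct, HASH).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Sender:
    def __init__(self, chain_key):
        self.ck, self.n = chain_key, 0

    def send(self, plaintext):
        """Fresh key per message; the previous chain key and the message key
        are not stored, so a later compromise cannot decrypt this message."""
        self.ck, mk = kdf_chain(self.ck)
        header = self.n.to_bytes(4, "big")
        self.n += 1
        return header, aead_encrypt(mk, header, plaintext)


class Receiver:
    def __init__(self, chain_key):
        self.ck, self.n = chain_key, 0
        self.skipped = {}  # message number -> message key, for messages not yet seen

    def receive(self, header, blob):
        """Decrypt immediately even if earlier messages are missing, keeping
        keys for the gaps. State is committed only after the tag verifies."""
        n = int.from_bytes(header, "big")
        if n in self.skipped:
            plaintext = aead_decrypt(self.skipped[n], header, blob)
            del self.skipped[n]
            return plaintext
        if n < self.n:
            raise ValueError("replayed or already-consumed message number")
        if n - self.n > MAX_SKIP:
            raise ValueError("too many skipped messages")
        ck, skipped = self.ck, {}
        for i in range(self.n, n):
            ck, skipped[i] = kdf_chain(ck)
        ck, mk = kdf_chain(ck)
        plaintext = aead_decrypt(mk, header, blob)  # raises before any state change
        self.ck, self.n = ck, n + 1
        self.skipped.update(skipped)
        return plaintext


def demo():
    """Four messages sent; message 1 is delayed and arrives last."""
    shared_ck = b"\x11" * 32  # constructed shared chain key (assumption)
    alice, bob = Sender(shared_ck), Receiver(shared_ck)
    msgs = [alice.send(b"msg%d" % i) for i in range(4)]
    received = {}
    for i in (0, 2, 3, 1):
        header, blob = msgs[i]
        received[i] = bob.receive(header, blob)
    return received, len(bob.skipped)


if __name__ == "__main__":
    print(demo())  # ({0: b'msg0', 2: b'msg2', 3: b'msg3', 1: b'msg1'}, 0)
```

Two design points matter for the properties under discussion. Forward secrecy follows from the sender never retaining a used chain or message key, and from the receiver deleting a skipped key once its message arrives. Immediate decryption is what forces the receiver to retain skipped keys at all; the MAX_SKIP bound limits how much such state an adversary can make it accumulate, and committing state only after a successful tag check means a forged or corrupted packet does not desynchronize the chain.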
There is therefore a need for improved methods, devices, and systems for end-to-end message encryption.