|
|
|
|
|
|
by 1101010010
1163 days ago
|
|
|
> Never sharing keys reduces the risk too. That's not up you, it's up to your adversary. > How much does rotating credentials reduce risk? Should I rotate once a year? Once a month? As frequently as possible. Signal for example uses ephemeral keys for each message. > Rotating every day would be even more secure, right? But how much more? I think not very much. Stop guessing and use empirical evidence to support your reasoning. > The risk is that I don’t know if I’m compromised. But I think that risk is less than the errors involved in rotating keys according to some arbitrary schedule. It's arbitrary because you are making a strawman argument to support a foregone conclusion. |
|
|
There’s a big difference between identity keys and session keys. It makes total sense to use lots of throw away keys (this is how tls works) but making a new identity key for every message is madness.
There is no empirical evidence for how frequently to rotate your identity keys.
A few years ago NIST started recommending never changing passwords unless they are compromised [0]. Identity keys aren’t exactly the same as passwords but I think they are similar.
I don’t think anyone quantifies how much of a benefit there is to changing your password nor how frequently to change it. “As frequently as possible” is not useful advice as that could be every minute or never. I need more actionable guidance so I can weigh it against other priorities
[0] https://pages.nist.gov/sp800-63-3.html