Secure Messaging

This system covers secure messaging protocol and satisfies the following security properties;

Correctness

If no attacker interferes with the transmission, Bob outputs the messages sent by Alice in the correct order and vice versa.

Immediate decryption and message-loss resilience (MLR)

Messages must be decrypted as soon as they arrive. If a message is lost, the parties do not delay and waste time.

Authenticity

While the parties' states are uncompromised (i.e., unknown to the attacker), the attacker cannot change the messages sent by them or inject new ones. Privacy: While the parties' states are uncompromised, an attacker cannot obtain any information about the messages sent.

Forward secrecy (FS)

All messages sent and received prior to a state compromise of either party (or both) remain hidden from an attacker. Post-compromise security (PCS) (aka channel healing): If the attacker remains passive (i.e., does not inject any corrupt messages), the parties recover from a state compromise (assuming each has access to fresh randomness).

Randomness leakage/failures

While the parties' states are uncompromised, all the security properties above except PCS hold even if the attacker completely controls the parties' local randomness. That is, good randomness is only required for PCS.