Double Ratchet Algorithm

"Double ratchet" redirects here. For the hand tool, see Wrench.
Full ratchet step in the double ratchet algorithm. The Key Derivation Function (KDF) provides the ratcheting mechanism. The first "ratchet" is applied to the symmetric root key, the second ratchet to the asymmetric Diffie Hellman (DH) key.[1]

In cryptography, the Double Ratchet Algorithm (previously referred to as the Axolotl Ratchet[2][3]) is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to provide end-to-end encryption for instant messaging. After an initial key exchange it manages the ongoing renewal and maintenance of short-lived session keys. It combines a cryptographic so-called "ratchet" based on the Diffie–Hellman key exchange (DH) and a ratchet based on a key derivation function (KDF), such as a hash function, and is therefore called a double ratchet.

The algorithm provides forward secrecy for messages, and implicit renegotiation of forward keys; properties for which the protocol is named.[4]

  1. ^ Trevor Perrin (editor), Moxie Marlinspike, "The Double Ratchet Algorithm. Revision 1, 2016-11-20
  2. ^ Perrin, Trevor (30 March 2016). "Compare Revisions". GitHub. Retrieved 9 April 2016.
  3. ^ Marlinspike, Moxie (30 March 2016). "Signal on the outside, Signal on the inside". Open Whisper Systems. Retrieved 31 March 2016.
  4. ^ Cohn-Gordon, K.; Cremers, C.; Garratt, L. (2016). "On Post-compromise Security". 2016 IEEE 29th Computer Security Foundations Symposium (CSF). pp. 164–178. doi:10.1109/CSF.2016.19. ISBN 978-1-5090-2607-4. S2CID 5703986.