Does anyone know about the end to end messaging protocol used by Viber in the
release they announced yesterday? I believe it’s closed source, but I’d be
curious to know if they have posted the general protocol anywhere. I’ve not
found anything yet. I’m curious to know if it’s based on the ratchet used for
Signal or not.
https://support.viber.com/customer/portal/articles/2017401-viber-security-faq
<https://support.viber.com/customer/portal/articles/2017401-viber-security-faq>
What I really like is the improved UX for authentication I’ve not seen yet.
They use their own real-time channel (voice) to guide the user through the
fingerprint readout. Now, real-time channels are available through many tools,
but I think this is the first time I’ve seen a text messaging service do this
(ZRTP in video calls and voice calls notwithstanding).
What I’d like to see next: A way to prevent accepting the fingerprint without
reading it similar to SafeSlinger, with perhaps a shorter hash to confirm.
Cheers,
Mike
Michael W. Farb
Research Programmer, Carnegie Mellon University CyLab
www.cylab.cmu.edu/safeslinger <http://www.cylab.cmu.edu/safeslinger>
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
