Re: [Standards] OMEMO Key Agreement

2017-06-06 Thread Sebastian Verschoor
Thanks, I that clears some things up for me, not so worrisome after all, I now believe that the users are properly authenticated. I have thought about the Matrix protocol with seperated DH/signing keys some more and discussed it with a colleague and we believe it is fine. A very minor points

Re: [Standards] OMEMO Key Agreement

2017-06-06 Thread Dave Cridland
On 6 Jun 2017 14:14, "Richard van der Hoff" wrote: At the risk of turning the standards list into a forum discussing the finer points of cryptographic key exchange, I thought it might be useful weigh in on some of the issues raised, in the hope of clearing up some confusion.

Re: [Standards] Encrypted Jingle File Transfer

2017-06-06 Thread Vanitas Vitae
Hi Goffi! I actually already thought about the securiy element as well. It seems like there are two different possibilities here: * Implement the security element o - leaves metadata in the clear o + more flexible and easier to implement o + integrates better into existing

Re: [Standards] OMEMO Key Agreement

2017-06-06 Thread Matthew Hodgson
On 6/2/17 9:18 PM, Sebastian Verschoor wrote: I also noted that although Olm has been audited [9], the scope of the audit only concerns the double ratchet. Given that Olm differs from Signal only in the handshake, I find this strange. Has the handshake not been audited? Am I missing

Re: [Standards] Encrypted Jingle File Transfer

2017-06-06 Thread Goffi
Le dimanche 4 juin 2017, 15:01:45 CEST Vanitas Vitae a écrit : > Hi! > > As part of my GSoC project I'd like to think of a way to enable > end-to-end encrypted Jingle file transfer. [...] Hi, really nice to see somebody working on that. I haven't read your stuff in details yet (running out of

Re: [Standards] OMEMO Key Agreement

2017-06-06 Thread Richard van der Hoff
At the risk of turning the standards list into a forum discussing the finer points of cryptographic key exchange, I thought it might be useful weigh in on some of the issues raised, in the hope of clearing up some confusion. As Matthew has previously said: it's certainly not our intention to

Re: [Standards] Encrypted Jingle File Transfer

2017-06-06 Thread Dave Cridland
While based on the old eSessions specification, it might well be worth looking at XEP-0200 for full-stanza encryption. ISTR it was implemented by Gajim back in the day, but I may be wrong - this specification was last updated just over a decade ago.#, and my memory really isn't *that* good... On

Re: [Standards] OMEMO Key Agreement

2017-06-06 Thread Remko Tronçon
Hi Sebastian, > I was going to suggest using seperate key-pairs: one for signing and one for DH. However, upon closer inspection it seems that the X3DH-specification requires XEdDSA signatures (https://whispersystems.org/ docs/specifications/x3dh/#cryptographic-notation), so if you did that you