On 26 jan. 2015, at 10:10, Georg Lukas <ge...@op-co.de> wrote:

> * Bartosz Małkowski <bmalkow...@tigase.pl> [2015-01-26 07:58]:
>> https://blog.thijsalkema.de/me/blog//blog/2015/01/23/multi-end-to-multi-end-encryption/

Hi,

Author of the post here, nice to see it’s already being discussed.

> This is a great writeup. Having multi-device end-to-end encryption
> with offline storage will significantly improve the security and
> usability of XMPP for normal people.
> 
> I'd like to add some more points to the discussion though:
> 
> a) it is important to allow security-conscious people to actually check
> the security properties, so the list of devices/keys/fingerprints needs
> to be exposed to power users, plus additional information messages when
> the list is extended.

Agreed completely.

> b) a protocol/approach for adding devices to the list needs to be
> created, maybe deploying some kind of cross-signing between one old and
> the new device?

Good point, I haven’t covered that, but adding new devices will indeed be
more complicated than it is now.

One way this could work is that you need one of the devices that already has a
key on your account to bootstrap the new device (signing the new device's
public key with its key). If the old device has some local logs, it could push
some to the new device to still give it some backlog (re-encrypted with the
new device’s key).

But it does create a barrier for users. I know Firefox Sync did something like
that (requiring you to input some characters from the browser on one device on
the new one to add it to the sync), but apparently too many people didn’t like
it, so it was removed.

> c) it would be great to leverage this to secure file transfers / uploads
> as well as media streams.

If you just want to exchange one symmetric key, that should work fine. But
using the protocol itself for file transfers/media streams is likely going to
give bad performance.

> d) multi-device end-to-end encryption can also elegantly solve the MUC
> security problem. Let's do it so.

I don't think this solution will scale well to a group chat with more than ~10
people. The number of devices people have will likely be limited in practice,
but the number of participants in a group chat can get quite large. I think
there are better solutions for encrypting MUCs.

Regards,
Thijs

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail
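
Added example, not part of the original message or of any XMPP specification: one way a client could check the bootstrap idea above (an existing device signs the new device's public key) before showing a device list to the user. The `Device` format, the `device-endorsement-v1` label, the device names and the oldest-first list order are assumptions, and Ed25519 stands in for whatever signature scheme a real protocol would choose.

```go
package main

import "crypto/ed25519"
import "fmt"

// Device is one device-list entry (hypothetical format, not from the thread).
type Device struct {
	Name, SignedBy string // SignedBy: older device that endorsed Pub
	Pub            ed25519.PublicKey
	Sig            []byte // SignedBy's signature over endorsement(Name, Pub)
}

// endorsement binds a device name to its key so a signature cannot be reused.
func endorsement(name string, pub ed25519.PublicKey) []byte {
	return append([]byte("device-endorsement-v1\x00"+name+"\x00"), pub...)
}
// Endorse runs on an already trusted device and signs the new device's public key.
func Endorse(signer string, priv ed25519.PrivateKey, name string, pub ed25519.PublicKey) Device {
	return Device{name, signer, pub, ed25519.Sign(priv, endorsement(name, pub))}
}

// TrustedDevices walks an append-only list (oldest first, an assumption) from one
// manually verified root key, accepting only keys endorsed by an accepted device.
func TrustedDevices(rootName string, root ed25519.PublicKey, list []Device) (trusted, rejected []string) {
	keys, trusted := map[string]ed25519.PublicKey{rootName: root}, []string{rootName}
	for _, d := range list {
		signer, known := keys[d.SignedBy]
		_, dup := keys[d.Name] // a trusted name is never re-bound to another key
		if known && !dup && len(d.Pub) == ed25519.PublicKeySize &&
			ed25519.Verify(signer, endorsement(d.Name, d.Pub), d.Sig) {
			keys[d.Name], trusted = d.Pub, append(trusted, d.Name)
		} else {
			rejected = append(rejected, d.Name)
		}
	}
	return trusted, rejected
}

// Demo runs a constructed list; "rogue" claims phone's endorsement but is self-signed.
func Demo() (trusted, rejected []string) {
	pPub, pPriv, _ := ed25519.GenerateKey(nil) // phone: manually verified root
	lPub, lPriv, _ := ed25519.GenerateKey(nil) // laptop, endorsed by phone
	tPub, _, _ := ed25519.GenerateKey(nil)     // tablet, endorsed by laptop
	rPub, rPriv, _ := ed25519.GenerateKey(nil) // key that is not on the account
	list := []Device{Endorse("phone", pPriv, "laptop", lPub), Endorse("laptop", lPriv, "tablet", tPub),
		{"rogue", "phone", rPub, ed25519.Sign(rPriv, endorsement("rogue", rPub))}}
	return TrustedDevices("phone", pPub, list)
}
func main() { fmt.Println(Demo()) }
```

The rejected names are the entries a client would surface to the user as unverified, which is the kind of information point (a) asks to expose when the list is extended.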