If you are speaking of a cosy feeling of being secure, then yes, ATT does not diminish its level. If you're talking about real security, it absolutely does, cause one compromised device compromises all your and your chat partner's devices. Some examples:
When you go through the US customs you may be asked to hand over your phone, unlocked. While in possession of your phone, customs officer might extract the password from your device and trust transfer on the device of his own. Thanks to this brilliant ATT thing all your chat partners will never know. If you are cheating your spouse, she can pick up your device while you are sleeping... well, I hope you get the picture. Also, I didn't really read into this ATT, and I'm not really a security expert, but I think that proposed trust revocation is rather naive: > Device 1 manually revokes the trust in the key of device 2. Device 1 > automatically sends a revocation message for device 2's key to devices > whose keys it has already authenticated. Each device receiving a revocation > message from device 1 automatically revokes the trust in device 2's key, if > device 1's key has already been authenticated by it. > There, 'each device receiving a revocation message' - what if it doesn't receive this message? Like, because the device was offline? Do they continue to trust each other if they missed part of message history, despite trust being revoked by the issuer? With real certificates, there are CRL, OCSP, and I think that X.509 has a pretty complex certificate validation mechanism that is totally absent here. And since the 'bad guys' in OMEMO threat model are mostly server operators, a compromised server can very much influence message delivery between your connected clients, blocking your from revoking the trust. Oh, and they connect to your account without even knowing your password. I hope you get the picture. ср, 10 апр. 2019 г. в 11:33, Melvin Keskin <me...@olomono.de>: > Hello Andrew, > > ATT simply eliminates the disadvantage in usability which comes from > using one key per device so that you can have all advantages of OMEMO > but without the disadvantage of many manual authentications. It does > not diminish the security level of OMEMO or other benefits. > > Pleas have a look at the XEP under "Advantages": > > > For creating the described complete graph with n nodes, a total of > > T(n) = (n*(n-1))/2 ∊ O(n²) mutual authentications are needed. When > > using ATT, only T(n) = n-1 ∊ O(n) of them have to be made manually. > > All remaining authentications can be performed automatically. Thus, > > less user interaction is needed for authenticating all keys involved > > in the secure communication while preserving the same security > > level. > > -- Andrew Nenakhov CEO, Redsolution, Inc. https://redsolution.com <http://www.redsolution.com>
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________
