----- Forwarded message from Nathan of Guardian <nathan@guardianproject.info> ----- Date: Wed, 09 Oct 2013 05:53:49 -0400 From: Nathan of Guardian <nathan@guardianproject.info> To: Satz Klauer <satzklauer@googlemail.com> Cc: Guardian Project mailing lists <guardian-dev@lists.mayfirst.org> Subject: Re: [guardian-dev] Gibberbot: add strong encryption level Message-ID: <525527AD.9060905@guardianproject.info> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130804 Thunderbird/17.0.8 On 10/09/2013 01:28 AM, Satz Klauer wrote:

Sorry, I don't agree with you. Servers are "secured" by self-signed certificates mainly. If not the whole certificate thingy itself is not secure (as we have seen last years where certificate authorities have been hacked and crackers have created their own, fully valid but wrong certificates).

Gibberbot v12 (aka "ChatSecure") does not use any Certificate Authority root trust anymore. We either use certificate pinning for known services like Google, Dukgo, Facebook, etc, or we present a dialog with the certificate information for manual verification. That said, as others have pointed out, the *entire* point of OTR is that you are not trusting the transport encryption or chat server with your message encryption. Even if the server is 100% compromised, you have a means to know that your session is being MITM'd as well, if you perform the verify stap. More on that below...

So key exchange is done via an insecure channel, a person does not know who gets the key or if there is a man in the middle. So this mechanism provides some elusory security.

OTR provides two mechanisms for verification of a key, and we have worked to make it very easy in Gibberbot/CS to perform this operation, through a few actions. Once you start an OTR session up, you are prompted to "Tap to verify". This brings up the profile dialog box with three options 1) Manually verify fingerprint of the person you are chatting with by visually comparing your fingerprints (over the phone, etc) 2) Scan the fingerprint of the person using a QR code / barcode scanner, if you are standing near them 3) Use a Question+Answer or Shared Secret method to authenticate session (based on the OTR "Socialist Millionaire" protocol) from inside the OTR chat itself Once you've done this, you can trust that your session is private and not being intercepted. Otherwise, your concept about generating static keys outside of the session, and pre-sharing and verifying them directly with your contact is great... it's called OpenPGP! Many people have been asking to add some form of PGP support into Gibberbot/CS, and we are considering it. +n _______________________________________________ Guardian-dev mailing list Post: Guardian-dev@lists.mayfirst.org List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: Guardian-dev-unsubscribe@lists.mayfirst.org Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/eugen%40leitl.org You are subscribed as: eugen@leitl.org ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5