TokTok / c-toxcore

The future of online communications.
https://tox.chat
GNU General Public License v3.0

Consider using Noise protocol construction for KE #408

Open aaannndddyyy opened 7 years ago

aaannndddyyy commented 7 years ago

"The protocol provides confidentiality, integrity, authentication, participant consistency, destination validation, forward secrecy, backward secrecy (aka future secrecy), causality preservation, message unlinkability, message repudiation, participation repudiation, and asynchronicity."

It is well-reviewed and recommended by many crypto experts.

GrayHatter commented 7 years ago

Having been over the OMEMO spec and review, I'm not impressed.

Also I believe that Tox in its current form offers the same above features. Well except for

But, only because I have no idea what any of those are... Do you know?

Diadlo commented 7 years ago

@GrayHatter I think message unlinkability means that a user can't copy/resend a message

aaannndddyyy commented 7 years ago

OMEMO is a different protocol, though influenced by the Signal protocol. Snowden and Bruce Schneier recommend Signal. It's also good for offline message confidentiality and authentication, and group chats. What is your critique?

aaannndddyyy commented 7 years ago

And Tox does not provide participation repudiation and, as far as I know, no asynchronicity either.

GrayHatter commented 7 years ago

> And Tox does not provide participation repudiation and, as far as I know, no asynchronicity either.

Can you describe either?

aaannndddyyy commented 7 years ago

In Tox and OTR your contact cannot prove to a third party that the message content he says is from you is really from you; same in Signal. This is message repudiation / deniability. But your contact can prove to a third party that you communicated with him, which can already serve as an indicator justifying further investigations. Not so in Signal. Using the Signal protocol, your contacts cannot even prove to a third party that you actually ever did a key exchange at all.

Asynchronous means that you can handle offline messages, once they exist, which also have the same properties. That means they too are not only encrypted and authenticated, but PFS, deniability, future secrecy, ... are still given.
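The message repudiation property described in the comment above, as an added example that is not part of the original thread or of c-toxcore: when messages are authenticated with a MAC under a key that both peers derive from Diffie-Hellman, the recipient can produce a valid tag for any text, so a tag proves nothing to a third party. The toy DH group and all function names are assumptions made for illustration; real protocols use elliptic-curve DH such as X25519.

```python
import hashlib
import hmac
import secrets

# Toy finite-field DH parameters, constructed for this example only.
# Far too small for real use; chosen so the demo needs only the stdlib.
P = 2**127 - 1
G = 3

def keypair():
    """Return (secret, public) for the toy group."""
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def shared_key(my_sk, their_pk):
    """Both peers derive the same MAC key from the DH secret."""
    secret = pow(their_pk, my_sk, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def tag(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def verify(key, msg, t):
    return hmac.compare_digest(tag(key, msg), t)

def demo():
    a_sk, a_pk = keypair()          # Alice (claimed sender)
    b_sk, b_pk = keypair()          # Bob (recipient)
    e_sk, _ = keypair()             # Eve (outsider)
    k_alice = shared_key(a_sk, b_pk)
    k_bob = shared_key(b_sk, a_pk)
    k_eve = shared_key(e_sk, b_pk)  # Eve's key with Bob, not Alice's

    genuine = (b"hello", tag(k_alice, b"hello"))          # really from Alice
    forged = (b"never sent", tag(k_bob, b"never sent"))   # made by Bob alone
    outsider = (b"spoofed", tag(k_eve, b"spoofed"))       # made by Eve
    return {
        "keys_match": k_alice == k_bob,
        # Bob accepts Alice's message: authentication holds between peers.
        "genuine_ok": verify(k_bob, *genuine),
        # Bob's own forgery verifies identically: repudiable to third parties.
        "forged_ok": verify(k_bob, *forged),
        # An outsider without either secret cannot produce a valid tag.
        "outsider_ok": verify(k_bob, *outsider),
    }

if __name__ == "__main__":
    print(demo())
```

A signature over each message would remove this property, because only the holder of the signing key could have produced it.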

goldroom commented 2 months ago

See https://github.com/TokTok/c-toxcore/pull/2450/