search

otrv4 / pidgin-otrng

Fork of https://bugs.otr.im/plugins/pidgin-otr. This is a mirror of https://bugs.otr.im/otrv4/pidgin-otrng
GNU General Public License v2.0
16 stars 5 forks source link

Display connection/security information somewhere? #67

Closed olabini closed 5 years ago

olabini commented 5 years ago

For reference: https://bugs.otr.im/plugins/pidgin-otr/issues/103

olabini commented 5 years ago

There are several other issues about this, including #99

claucece commented 5 years ago

This is related to this: https://github.com/otrv4/pidgin-otrng/issues/71

claucece commented 5 years ago

So, basically the idea of information to have will be:

Main information:

Understanding OTRv4
OTRv4 is the fourth version of the Off-the-Record Protocol.
OTRng -the plugin you are using- is the plugin that implements the 4th
version of the OTR protocol. This version provides better deniability
properties by the use of a deniable authenticated key exchange (DAKE),
and better forward secrecy through the use of the double ratchet algorithm.

OTRv4 properties

OTRv4 Properties
These are the properties that make OTRv4 different to other protocols:

Cryptographic properties:

Online Deniability: Users using OTRv4 cannot provide proof of participation to any third
parties without making themselves vulnerable to KCI attacks, even if they perform
arbitrary protocols with these third parties.
Offline Deniability: Anyone can forge a transcript between two users by only using the
long-term public keys.
Backward and Post-Compromise Secrey:
End-to-end encryption:
Participation deniability:
Message deniability: 
Immediate decryption:

Network properties:

Message-loss resilience:
Support of out-of-order:
Support of different modes:

OTRv4 Cryptographic Suite

OTRv4 Cryptographic Suite
These are the cryptographic algorithms used by OTRv4:
Deniable Authenticated Key Exchange (a way to generate a first shared secret and to deniably authenticate each other): DAKEZ and XZDH
Verification (a way to verify that you are indeed talking to whom you think): Fingerprint comparison and the Socialist Millionaire Protocol 
Conversation Encryption and Authentication (algorithms used to generate keys to encrypt messages and to authenticate them): The double ratchet algorithm,  XSalsa20, MAC
Key generation (algorithms used for the key generation): ECDH (Ed448) and DH (dh 3072)"
Hash Functions (algorithms used to derive keys): SHAKE-256
MauroVelasco commented 5 years ago

Hey,

This is a preview of the info page with tabs. We will remove extra spaces and do more styling.

info_pidginotrv4

claucece commented 5 years ago

These are the papers:

For deniability: https://petsymposium.org/2018/files/papers/issue1/paper12-2018-1-source.pdf For forward, post-compromise secrecy, immediate decryption and message-loss resilience: https://link.springer.com/content/pdf/10.1007%2F978-3-030-17653-2_5.pdf For participation, message deniability and support of out-of-order: http://cacr.uwaterloo.ca/techreports/2015/cacr2015-02.pdf For Support of different modes: the protocol itself, section modes: https://github.com/otrv4/otrv4/blob/master/otrv4.md#otrv4-modes

:)