sopel-irc / sopel

:robot::speech_balloon: An easy-to-use and highly extensible IRC Bot framework. Formerly Willie.
https://sopel.chat

blowfish support #951

Closed Fredro closed 8 years ago

Fredro commented 8 years ago

It would be very useful if you could implement the use of a popular plugin for irc clients called FiSH. It uses blowfish encryption for channels and between users.

I saw a rejected issue about this, but I think it was rejected on the wrong terms. The FiSH referred to there is not the actual FiSH that is used. Please look at the current implementation of FiSH 10. The repo for it is here:

https://github.com/flakes/mirc_fish_10

There is a security document also with more answers.

https://github.com/flakes/mirc_fish_10/blob/master/SECURITY.md

I hope you can reconsider, since it's a very popular tool in the IRC community.

Another alternative is called mircryption. It uses the same crypto as FiSH but a different identifier for the ciphertext, and it also has support for FiSH. Here is more info about it and the eggdrop variant:

http://www.donationcoder.com/Software/Mouser/mircryption/others_eggdrop.php

embolalia commented 8 years ago

I'll let @elad661 comment on the quality of the encryption, since I think they're more in tune than I am with that kind of stuff. But expanding on what I was saying in #837: what would Sopel be doing with it? How would you propose the interface for this work? Would any arbitrary message be encryptable? Is it only messages to Sopel? From Sopel? What is the general use case here?

Fredro commented 8 years ago

A basic description of the flow. The bot needs to enter a channel that has a blowfish key set. When entering the channel to join, this key is provided. Then the bot knows that communication starting with +OK or mcps means that what follows in that string is ciphertext. So it uses the key on that text and outputs the result instead of the incoming ciphertext. Also, when a key is set in the config, the text the bot says in a channel needs to be encrypted, and it says the ciphertext.

There is also a way to communicate using private message.

On Dec 2, 2015 14:18, "Ed Powell" notifications@github.com wrote:


elad661 commented 8 years ago

Just like we said in #837 - no. We are not going to implement this.

This encryption algorithm is quite flawed, as detailed in both the "security.md" file you linked to and Wikipedia. Using an encryption algorithm that is known to be broken is worse than using plain text, because it gives you a false sense of security.

Furthermore, I don't want to write (or even review) any piece of crypto code. Crypto is complicated, and crypto code should only be written by experienced cryptographers who studied the subject. Otherwise the chances of accidentally introducing encryption flaws (or side channel attack vectors) are way too high.

And most importantly, people should not trust IRC or Sopel for any security-sensitive scenario. Sopel was never audited, and IRC has protocol flaws that make it fundamentally unsafe.

So no, this is not going to be implemented, and pull requests implementing this will be rejected.