this post was submitted on 05 Aug 2024
1 points (100.0% liked)

XMPP

316 readers
2 users here now

XMPP (aka Jabber) is the community-owned standard for real-time federated messaging.

For a quick start click here

JoinJabber.org support chat

JoinJabber.org admin support chat

XMPP.net Provider List

Also see JoinJabber.org FAQ

founded 1 year ago
MODERATORS
 

This blog post, and some of its comments are pretty interesting and concerning at the same time. Not really sure if in the end that means that nothing other than centralized controlled messaging can be as cryptography safe.

Any comments?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 3 months ago (1 children)

That Soatok jumps on this in their article without checking what the spec actually was in previous versions makes me think they didn’t really look very closely, but rather just looked for superficial support of their preconceived opinion.

Looking in the spec design document instead of digging through the source code is normally enough research in other projects where the spec design document is properly filled out. It's a mistake on OMEMO's part that the spec design document didn't include the truncation step in 0.4.0, and this mistake was fixed in their 0.7.0 version. Either way, as I said this is a positive outcome because now we have clarification.

I briefly recounted the points made in the article and I think this was the only one that was against OMEMO directly. Soatok made another post days earlier about why nothing on the market is currently better than Signal, and it makes sense that the other 3 points are still being leveraged against XMPP+OMEMO as they exist in reality, and not against OMEMO alone. It doesn't matter that OMEMO 0.7.0 is sufficient if nothing is using it, and the various implementations have their own issues. If you were to want to use XMPP+OMEMO today, you're likely using Gajim, Dino, or Conversations, or someone you're talking to is. These are still on 0.3, and this is a point that again is important to bring up and potentially solve. If no one is talking about the problem, it will not get solved.

RE quantum encryption, we know what quantum computers are capable of. You've suddenly turned into a quantum expert so you must now know that you only really need to protect your asymmetric encryption with PQ, and you would also know that you can combine PQ and traditional algorithms together in cases where you don't want to degrade existing security if there are flaws in the newer PQ algorithm. This would be the "serious" response, and "serious" software like Signal agrees.

[–] [email protected] 0 points 3 months ago* (last edited 3 months ago)

I was in the specs before as well, just not as clearly spelled out.

As for the other reasons why Soatok thinks Signal is better, well those are cherry picked and highly opinionated. There are similar lists of reasons from equally respected security researchers (that have less of a e2ee tunnel vision), that rule out Signal as a serious option due to its centralised and single vendor approach.

Which brings me to the last point. Yes, Signal is a snake-oil vendor that tries to hide the various glaring security issues of their model behind a state of the art e2ee system. But that's just a fig-leaf not really all that different from how WhatsApp claims to be secure due to them adopting e2ee.

Post-quantum encryption is an active R&D field with no proven to work solutions yet. In fact, solutions that are proudly announced as finally having solved it are regularly silently retracted as other researchers find that they actually offer less security than current state of the art encryption algorithms.