Secure Messaging
Modern Security Properties:
- Confidentiality: Only the intended recipients can understand the contents of a message.
- Integrity: The message is delivered without alterations; if it is altered, the recipient will know to reject it.
- Availability: Authorized users will have access to the resources they need.
- Forward Secrecy: If a long-term key of the server or client is leaked at some point in the future, that is not enough information to decrypt a message that was sent in the past.
  - For each session or message a new session key is generated and used.
- Post-Compromise Security: If a user in a group becomes compromised there must be a way to reset the group without an attacker being able to decrypt any future messages.
  - Offers long-term confidentiality even if there is a short-term break in confidentiality.
  - Uses frequent key rotation.
- Authenticity: The ability to validate which participant sent each message.
- Non-Repudiation: It is provable that a user sent a message after it is sent.
- Deniability: When a message is sent you can prove the author, but later you make it possible for anyone to have forged the message.
  - Is hard, since messages are signed for authenticity.
  - Identity keys can be passed to each user after usage.
  - This makes it trivial to fake a message after it is transmitted, but only after its use.
Modern Properties:
- Async
- Group Messaging
- Multi-Device
- Federation
- Ordering of handshake messages is important.
- A group is a member of a Delivery Service server.
  - If redundant, then a group consensus is needed.
Metadata:
- Encrypt the sender of the message; the server does not need to know the sender.
- Can use arbitrary padding to hide other information.
Whisper
- Uses Curve25519 to generate keys that are exchanged as QR codes.
Identity Discovery
Trust on First Use (TOFU)
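As an added example (not from the original notes), the following pin store shows what TOFU means on the client: the first key seen for an identifier is pinned, a later key that matches is accepted, and a different key is reported as a mismatch rather than silently replacing the pin. The identifier and key bytes are constructed placeholders, not real Curve25519 keys; the `rotate` method assumes an out-of-band check (such as the QR-code comparison mentioned above) before a pin is replaced.

```python
import hashlib
import hmac
from typing import Dict


def fingerprint(public_key: bytes) -> str:
    """Short, human-comparable fingerprint of a public key (SHA-256, hex)."""
    return hashlib.sha256(public_key).hexdigest()


class TofuStore:
    """Trust-on-first-use pin store: identifier -> fingerprint of the key seen first."""

    def __init__(self) -> None:
        self._pins: Dict[str, str] = {}

    def check(self, identifier: str, public_key: bytes) -> str:
        """Return 'pinned' on first contact, 'ok' on a matching key, 'mismatch' otherwise.

        A mismatch means the server (or someone on the path) handed us a different key
        than before; the client must warn the user instead of silently accepting it.
        """
        fp = fingerprint(public_key)
        pinned = self._pins.get(identifier)
        if pinned is None:
            self._pins[identifier] = fp
            return "pinned"
        if hmac.compare_digest(pinned, fp):
            return "ok"
        return "mismatch"

    def rotate(self, identifier: str, public_key: bytes, out_of_band_verified: bool) -> bool:
        """Replace a pin only after the new fingerprint was verified out of band."""
        if not out_of_band_verified:
            return False
        self._pins[identifier] = fingerprint(public_key)
        return True


# Constructed sample keys: fixed placeholder bytes, not real Curve25519 public keys.
ALICE_KEY_V1 = bytes.fromhex("11" * 32)
ALICE_KEY_V2 = bytes.fromhex("22" * 32)


def demo_tofu() -> list:
    """Walk through first contact, a repeat contact, a key change, and a verified rotation."""
    store = TofuStore()
    events = []
    events.append(store.check("alice@example.org", ALICE_KEY_V1))  # first contact: pin it
    events.append(store.check("alice@example.org", ALICE_KEY_V1))  # same key: ok
    events.append(store.check("alice@example.org", ALICE_KEY_V2))  # new key: mismatch, warn
    store.rotate("alice@example.org", ALICE_KEY_V2, out_of_band_verified=True)
    events.append(store.check("alice@example.org", ALICE_KEY_V2))  # after verification: ok
    return events


if __name__ == "__main__":
    print(demo_tofu())
```

The weak point of TOFU is the first contact itself: if the server lies about the key on that first exchange, the client pins the wrong key, which is why the notes pair it with an out-of-band comparison of key fingerprints.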
Encryption
No Encryption
Transport Encryption
End to End Encryption
Signal Protocol
OTR
OMEMO
How do you send the first message to establish the session?
How do you get a key from that user and establish a shared secret?
How do you find a mapping between a user and their devices?
How do you revoke keys from devices without losing keys to other messages?
How do you do that when a user is offline?
How do you go from an identifier (email address) to a key?
- You have to trust the server to do the mapping between your contacts and their users.
- The server will verify with an email or text message.
How do you prevent users from abusing the mappings?
- Use anonymous identifiers. (Wire)
- Use verifiable proofs of other accounts linked to that account. (Keybase)
Forward Secrecy and Deniability
When user1 sends something to user2, it encrypts the message, sends it, and also sends the next public key (public_key_2) that user1 will use for the next message. When the original public key is no longer in use, user1 sends user2 the private key. This means that both sides have the key information, and either side could have used the key to make that message.
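The following is an added example, not part of the original notes, that makes both properties from this section and from the "Forward Secrecy" bullet above concrete. In place of the per-message public/private key pair described above it uses a symmetric hash ratchet with a per-message MAC key (the same pattern Signal-style ratchets use for their symmetric chain): each message gets a fresh key, the old chain key is overwritten (forward secrecy), and once the peer has acknowledged a message the sender releases that message's key, so anyone holding it could have produced the tag (deniability). It assumes the two parties already share an initial chain key from an earlier handshake, which is not shown; `Party`, `ratchet` and `demo_ratchet` are names chosen for this example.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Tuple


def ratchet(chain_key: bytes) -> Tuple[bytes, bytes]:
    """One hash-ratchet step: returns (next_chain_key, message_key).
    HMAC is one-way, so holding next_chain_key does not reveal message_key."""
    next_ck = hmac.new(chain_key, b"chain", hashlib.sha256).digest()
    mk = hmac.new(chain_key, b"message", hashlib.sha256).digest()
    return next_ck, mk


def authenticate(message_key: bytes, plaintext: bytes) -> bytes:
    """Per-message tag; stands in for the per-message key pair in the notes."""
    return hmac.new(message_key, plaintext, hashlib.sha256).digest()


def verify(message_key: bytes, plaintext: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(authenticate(message_key, plaintext), tag)


class Party:
    """One endpoint of a conversation; both endpoints start from the same chain key."""

    def __init__(self, shared_chain_key: bytes) -> None:
        self.chain_key = shared_chain_key
        self.counter = 0                      # index of the next message
        self.pending: Dict[int, bytes] = {}   # sent-message keys kept only until acknowledged

    def send(self, plaintext: bytes) -> Tuple[int, bytes, bytes]:
        idx = self.counter
        self.chain_key, mk = ratchet(self.chain_key)  # old chain key is overwritten here
        self.counter += 1
        self.pending[idx] = mk
        return idx, plaintext, authenticate(mk, plaintext)

    def receive(self, idx: int, plaintext: bytes, tag: bytes) -> bool:
        if idx != self.counter:               # in-order delivery only, for this example
            return False
        next_ck, mk = ratchet(self.chain_key)
        if not verify(mk, plaintext, tag):
            return False                      # reject and do not advance the chain
        self.chain_key, self.counter = next_ck, idx + 1
        return True                           # mk goes out of scope: not recoverable later

    def publish(self, idx: int) -> bytes:
        """Release message idx's key once the peer has acknowledged it (the notes'
        'send the private key when it is no longer in use'). From now on anyone
        holding this key could have produced that tag."""
        return self.pending.pop(idx)


def demo_ratchet() -> Dict[str, bool]:
    """Run one exchange and report the security-relevant outcomes."""
    shared = secrets.token_bytes(32)  # assumption: agreed in a prior handshake (not shown)
    user1, user2 = Party(shared), Party(shared)

    idx, msg, tag = user1.send(b"meet at noon")
    accepted = user2.receive(idx, msg, tag)

    # Forward secrecy: a chain key captured *after* message 0 does not yield message 0's key.
    leaked_chain_key = user2.chain_key
    _, derived_from_leak = ratchet(leaked_chain_key)

    # Integrity: a modified message under the next key is rejected and the chain stays put.
    idx2, msg2, tag2 = user1.send(b"bring the report")
    tamper_rejected = not user2.receive(idx2, b"bring the cake", tag2)
    second_accepted = user2.receive(idx2, msg2, tag2)

    # Deniability: after the ACK, user1 releases key 0; a third party can now forge a
    # valid tag for index 0, so the original can no longer be pinned on user1.
    retired_key = user1.publish(idx)
    forged_tag = authenticate(retired_key, b"meet at midnight")
    forgery_passes = verify(retired_key, b"meet at midnight", forged_tag)

    return {
        "accepted": accepted,
        "second_accepted": second_accepted,
        "tamper_rejected": tamper_rejected,
        "old_key_recoverable_from_leak": derived_from_leak == retired_key,
        "forgery_passes": forgery_passes,
    }


if __name__ == "__main__":
    print(demo_ratchet())
```

Two design points matter in practice: the sender must hold a message key only until it is acknowledged, otherwise the key it later publishes could still authenticate a live message; and the receiver must not advance the chain on a failed check, or a single corrupted message would desynchronise both parties.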