A MITM attack is more than just trusting your SSL cert or Facebook. How do we know *you* aren’t secretly intercepting our messages? Does your platform assume we have to trust *you*?
On Dec 18, 2013, at 3:36 AM, SafeChat.IM <[email protected]> wrote: > Thanks for all the comments so far! > >> Is there a reason you did not consider using OTR? Or another of the >> many secure chat protocols? > > > We did not want to use OTR, because we do not want to have forward secrecy > and message deniability. Our idea is to built an encryption scheme that is > completely transparent to the user, it should not appear different to him if > he is chatting over an encrypted Facebook chat or not. This way we hope to > make encryption easier, less of hassle and more mainstream. If we had session > keys that expire after the conversation is over, the user wouldn't be able to > read the messages later on (or on a different device) or send offline > messages (all things possible with original Facebook Messenger). > >> What safeguards do you have against a MITM attack? > > > We were thinking to query the public key server over HTTPS and validate the > certificate (either through a CA or hard coded in the plugin). Also, wouldn't > you have to compromise the public key server (to deliver wrong pub keys to > both parties) and the communication channel to Facebook (to intercept the > message) at the same time? Therefore, we thought that only Facebook itself > would have a realistic opportunity for MITM attacks (meaning the user would > have to trust us, that we don't cooperate with them). > > We also thought about building a decentralized Web-of-Trust, but found it > hard to establish a second secure channel (assuming that users don't > necessarily engage in real life) without impacting usability. > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
