-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2014.12.10 11.31, Dmitri Vitaliev wrote: > Dear Libtech > > In recognition and celebration of Human Rights Day, eQualit.ie is > proud to release the first public draft of a provably secure > protocol for group messaging on the Internet > https://learn.equalit.ie/wiki/Np1sec > > The protocol provides for end-to-end security of synchronous > communications between any number of people. It is efficient and > builds on recent advancements in cryptographic research. Security > properties of (n+1)sec include: > > * Confidentiality: the conversation is not readable to an outsider > * Forward secrecy: conversation history remains unreadable to an > outsider even if participants’ encryption keys are compromised * > Deniable authentication: Nobody can prove your participation in a > chat * Authorship: A message recipient can be assured of the > sender’s authenticity even if other participants in the room try to > impersonate the sender * Room consistency: Group chat participants > are confident that they are in the same room * Transcript > consistency: Group chat participants are confident that they are > seeing the same sequence of messages
Hi! This is great news and I'm delighted to see a new effort in this space, especially one that's taken review seriously from the beginning. I'm curious, however, how the requirements for the protocol where arrived at. In particular, I notice that you're supporting group chat with no specific provision made for a moderator role to eject a participant from a chat room. When I've talked to users about their actual use of group chats, this is a consistent requirement and far more important than deniability, the utility of which is still unclear at best. Would you talk a bit about how you arrived at that list of properties and how moderator ejection will be implemented, assuming uncooperative clients? E. - -- Ideas are my favorite toys. -----BEGIN PGP SIGNATURE----- iF4EAREIAAYFAlSIkXoACgkQQwkE2RkM0wpfagD/b2VStN7R6VNHDr4ZEqvmTnTp lo2X4hKKX4SLDq2iaBQA/238TyDI/ZgGzgWT2bNGk3kq4xnFQj0fiRkv0oXzRYpl =hXFg -----END PGP SIGNATURE----- -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
