Louis Granboulan <louis.r.granbou...@gmail.com> writes:

> Hello,
>
> George Kadianakis wrote:
>
>> this is a post about mpOTR and secure multiparty chat protocols in
>> general. I'm very interested in the secure multiparty chat problem,
>> and I _really_ want to see it moving forward.
>
> Did you look at the work at
> https://crypto.di.ens.fr/projects:pampa:main
> and the software at
> https://bitbucket.org/pampa/pake-im
> ?
>

Thanks for pointing me to these projects. They also reminded me of an
issue I forgot to touch on in my original post: authentication.

The mpOTR paper touches on authentication in section 2.2. It assumes
that pubkeys for each participant were pre-shared out-of-band (which
probably leads to a fingerprint verification step), but it doesn't
really examine a password-based authentication solution (which is
quite useful in some use cases).

The mpOTR paper mentions that the SMP-based authentication of OTR is
only suitable for pairwise authentication, but it doesn't mention a
similar scheme that would be useful in group environments. The papers
that Louis mentioned in https://crypto.di.ens.fr/projects:pampa:main
could be useful in group scenarios.

Another interesting authentication case is what happens if the
authentication fails only for some participants of the
conversation. Do they leave the chat? If they do so, do they also warn
the other participants that something sketchy is happening, or is it
every man for himself? The mpOTR paper briefly explores this issue in
the final paragraph of section 2.2.

(Louis' post did not get published to otr-dev for some reason. Maybe
he is not subscribed.)

_______________________________________________
OTR-dev mailing list
OTR-dev@lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/otr-dev