Greetings. I'm lately looking into (the absence of) secure multi-party chat protocols.
Specifically, I'm interested in protocols that provide end-to-end confidentiality, authentication and PFS between the chat members. mpOTR [0] is the first protocol that comes to mind, but the paper is not complete and there are many questions to answer before implementing it [1].

Looking at the XMPP ecosystem to see if any useful protocols have been suggested, I noticed two relevant proposals: XEP-0116 [2] and XTLS [3]. Unfortunately, if my understanding is correct, neither of these proposals provides the properties I'm looking for. Specifically, XEP-0116 seems to set up an end-to-end secure channel in a two-party chat, but there is no reference to MUCs in the specification. The XTLS specification talks about its application in MUCs in the 'Introduction' section, but if I understand correctly it's only capable of setting up a TLS link between the client and the MUC service, and not pairwise between the clients. That's not sufficient, since the MUC service is honest-but-curious in my threat model.

Am I reading the specs right? Are there any other solutions that I've missed?

Thanks!

[0]: http://www.cypherpunks.ca/~iang/pubs/mpotr.pdf
[1]: https://github.com/cryptocat/cryptocat/wiki/mpOTR-Specification
[2]: http://xmpp.org/extensions/xep-0116.html
[3]: https://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption-02
