Hi! As part of my bachelor thesis I thought about future development of the OMEMO protocol extension (xep-0384).
Some downsides of the current OMEMO usage are: * Whenever I add a new OMEMO device, I have to redo trust decisions for each device of all my contacts. * Whenever a contact adds a new OMEMO device, I have to do a trust decision on every one of my devices. * Whenever I revoke one of my devices, I have to inform all of my contacts and everyone has to manually distrust the device * Whenever a contact revokes a device, I have to distrust it on every one of my devices. (The third and fourth point might be invalid, because the one that revokes their device can clear all active devices and also change their xmpp accounts password, preventing the stolen/lost device to log in and become active again) So currently it is very annoying to keep trust synchronized across all devices. This also makes OMEMO poorly usable for IoT, since most IoT devices have no usable interface to make trust decisions. I thought a little about it and here is what I came up with. Variant I contains some ideas for some kind of web-of-trust for eg. chat devices that have a usable configuration interface. Variant II could be used for IoT devices with poor configuration interfaces. Variant I: Let's assume, I use device A and trusted some contact devices. What I could do is: * Whenever I trust a device "a" on my device A, I sign the fingerprint of "a"'s identity key with my own identity key and upload the signature to a private pubsub node (lets call it the "trust-node-A"). * When I start to use a new device B, I can fetch the contents of A's trust-node. When I decide on B, that I trust device A, I can check all the signatures in A's trust-node and automatically have transitive trust all devices trusted by A. The downside of this is, that there is a "trust gradient", meaning that older devices are higher up in the trust hierarchy than newer ones (what happens, when you lose device A?) Also distrusting devices might be a problem: For distrusting a device, we could sign not only the fingerprint of the device, but also a state indicator like "trust:FINGERPRINT" (trust-proof) or "distrust:FINGERPRINT" (distrust-proof). That way, devices could automatically ignore/delete trust-proofs, when there is one or more distrust-proof. Possible problem: What happens when an attacker distrusts all your devices or creates paradox trust decisions? Eg. assume we have devices A,B,C. A trusts B, B trusts C, C trusts A. B distrusts A, C distrusts B, A distrusts C. How to resolve? You might decide by counting, which device is trusted/distrusted by the majority of device, but that would defeat the purpose of the whole system, since again trust decisions must be made on each device. Is there something useful for this in the OpenPGP-World? It would be easier to have a single trust-node, that simply contains a trust-proof for trusted devices and/or a distrust-proof for untrusted devices. That way paradox situations are impossible. Unfortunately it is not possible (or is it?) to use a single trust-node, since we do not have a signature key that is shared between all devices. Variant II: This could be handy for IoT and is less complicated (I hope :D). Since IoT devices often do not have an easy to use interface for configuration, it might be a hassle to do trust decisions on them (which other devices should be trusted). To improve this, we might add a master-device, so each device only must trust the master. The master decides, which devices are trusted by signing their identity keys and publishing the signature on the trust-node. Each thing looks up the trust-node to decide, which other things to trust. When a device is not in the trust node, it must be distrusted. (I don't know, how IoT is done with xmpp. In this model, all things have the same jid. I don't know, whether this is also possible with unique jids for each thing.) You might as well create different trust-nodes for different "groups" of devices. That way you could group devices together. When a device fetches the trust-nodes, it has to trust only those devices, that it is in a group with together and distrust all devices that it does not share a group with. So what do you think of this? Vanitasvitae
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
