Hello everyone! I'm currently working on JET-OMEMO, which will hopefully specify how to use OMEMO with JET to encrypt Jingle Transports.
One thing I'm not sure about is, whats the best way to encrypt the Transport Key. Initially I planned to treat the key as a message body. The resulting <encrypted/> element would then be added as a child to the <security/> element. I don't think this is a particularly elegant method though. First of all the OMEMO encryption scheme already contains a symmetric AES-128 key, which normally encrypts the message In encrypted messaging, this key is encrypted using the OMEMO ratchet. By treating the Transport Key as a message body, we introduce one unnecessary encryption layer. Ideally the Transport Key is directly encrypted with the ratchet. There are multiple ways to achieve this. As a first option, we could just create a Key Transport Message as it is already described in XEP-0384. This prevents us from choosing ciphers other than AES-128-GCM-NoPadding though, since this is the symmetric key type "hard-coded" in OMEMO currently. In order to fix the issue mentioned above, we could introduce cipher agility for the symmetric key used in OMEMO. This would allow the usage of different ciphers in OMEMO and simultaneously in OMEMO Key transport messages. Alternatively, we could skip OMEMOs symmetric encryption layer in the context of JET-OMEMO, so that the JET Transport Key is directly encrypted with the ratchet. This sounds sketchy to me though. Even though libsignal gives you direct access to the ratchet, we'd use OMEMO in a way in which it is normally not used. Ideally we would solve OMEMOs incapability of encrypting arbitrary elements altogether, but that's probably a bigger construction site? Input on this is highly appreciated :) Greetings vv
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
