[OTR-dev] OTR using PAKE and for group chat
louis.granboulan.developer at gmail.com
Thu Feb 18 12:42:33 EST 2010
I would like to add to an instant messenging framework an end-to-end
password-based security layer. Therefore, instead of relying on a accepting
a public key like OTR, the authentication would rely on a shared password
(cf. http://en.wikipedia.org/wiki/Password-authenticated_key_agreement )
It appears that instead of re-doing everything from scratch, a better way
might be to add this possibility to the already existing OTR framework.
However, this would imply some important changes to the OTR library, by
adding a non-OTR protocol, and I would like to know if these changes can go
mainstream when the implementation would be stable.
Moreover, I would like to extend the PAKE security to group PAKE if the
encryption is started within a multi-user group chat. I did not see any
discussion on how to interface the OTR library with group chat.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OTR-dev