[OTR-dev] Ensuring transcript soundness in a multiparty chat setting

[George Kadianakis]

Hello again Matthew (and otr-dev),

I was recently thinking of ways to make sure that all participants of
a multiparty chat see the same transcript at all times. It seems like
a very important security property.

Papers like mpOTR (and the recent "Improved Group Off-the-Record
Messaging" paper by Liu et al. [0]) are "solving" the problem simply
by sending out a hash of all previous sent and received messages. This
seems like a crude solution that does not even allow you to detect
out-of-order messages (which can make a big difference when human
beings communicate with each other).

I also read your "OldBlue: Causal Broadcast in A Mutually Suspicious
Environment" paper [1], and it seems like it would fit nicely in the
multiparty chat scenario.

Some questions:

Do you think it's worth incorporating a causal broadcast protocol in a
multiparty chat? And is there an easier way to get what we want?

Also, are you aware of any recent work on the same topic that might be
worth reading?

Also also, the paper is full of pseudocode. Did you actually
implement/test OldBlue?  Is the code available somewhere publically?

Thanks!

[0]: http://www-users.cs.umn.edu/~hopper/gotr.pdf‎
[1]: http://matt.singlethink.net/projects/mpotr/oldblue-draft.pdf