[OTR-dev] xmpp, otr vs centralized-storage messaging
Peter Saint-Andre
stpeter at stpeter.im
Sun Oct 19 21:00:01 EDT 2014
On 10/19/14, 6:48 PM, Greg Troxel wrote:
>
> Some of my friends have been moving away from XMPP/OTR to chat services
> that have centralized storage of plaintext (and proprietary software
> that only works on one platform, but that's not really relevant). While
> it's easy to criticize centralized plaintext, the usability issues are
> more complex.
>
> With the centralized plaintext service, one can continue chats across
> multiple devices, and move from computer to phone to tablet; turning on
> a device results in it connecting the serveer and getting the history.
> This has terrible security properties, but it's very handy.
>
> With xmpp, messages go to the current resource, more or less, so this
> history access doesn't work.
Not exactly. There are XMPP extensions (not yet universally implemented)
to send messages to all resources and to store history on the server:
http://xmpp.org/extensions/xep-0280.html
http://xmpp.org/extensions/xep-0313.html
Naturally, it's best in that situation to run your own server.
> With OTR, messages are encrypted to a
> particular xmpp client on one machine. That's a feature, really, in
> that there is no server plaintext, but it's also less usable.
>
> So, I wonder if it is time to think about how some new version of or
> improvements to xmpp and otr could result in a system that has the
> security properties of otr, more or less, and the usability properties
> of being able to continue across multiple devices.
>
> I wonder about having a server store more or less OTR ciphertext, but
> having each message encrypted to keys for all of a user's
> currently-set-up devices. One would lose integrity for off-line
> devices (when they connect and get old messages, the MAC keys would have
> been disclosed, so there's no guarantee they haven't been tampered
> with). But that seems like a small issue compared to now.
>
> One could argue that there's a loss of or risk of loss of
> confidentiality, due to multiple devices and keys. But it's much less
> Rthan the loss from using centralized plaintext storage.
Thanks for the interesting suggestions.
Peter
More information about the OTR-dev
mailing list