[OTR-dev] xmpp, otr vs centralized-storage messaging

Howard Chu hyc at symas.com
Mon Oct 20 01:07:15 EDT 2014


Greg Troxel wrote:
> Some of my friends have been moving away from XMPP/OTR to chat services
> that have centralized storage of plaintext (and proprietary software
> that only works on one platform, but that's not really relevant).  While
> it's easy to criticize centralized plaintext, the usability issues are
> more complex.
>
> With the centralized plaintext service, one can continue chats across
> multiple devices, and move from computer to phone to tablet; turning on
> a device results in it connecting to the server and getting the history.
> This has terrible security properties, but it's very handy.

This is in part why I use finch and developed OTR for finch. I run a finch 
client on my own server, which I access using ssh, and I have ssh clients with 
my pub/priv keypair on my phone, laptops, etc. The finch client runs inside a 
screen session, so I can attach to it from any of my devices and it persists 
even though my devices disconnect.

I sometimes would wish for a client with graphical windows, of course. ~25 
years ago I would have simply used MGR and rmgr to address that need. At the 
moment I'm considering a new finch-like messenger client that issues generic 
display-update commands to a local GUI client.

It all still depends on a central server, of course, but it's *my* central 
server as opposed to FB's or some other data aggregator's.

> With xmpp, messages go to the current resource, more or less, so this
> history access doesn't work.  With OTR, messages are encrypted to a
> particular xmpp client on one machine.  That's a feature, really, in
> that there is no server plaintext, but it's also less usable.
>
> So, I wonder if it is time to think about how some new version of or
> improvements to xmpp and otr could result in a system that has the
> security properties of otr, more or less, and the usability properties
> of being able to continue across multiple devices.
>
> I wonder about having a server store more or less OTR ciphertext, but
> having each message encrypted to keys for all of a user's
> currently-set-up devices.   One would lose integrity for off-line
> devices (when they connect and get old messages, the MAC keys would have
> been disclosed, so there's no guarantee they haven't been tampered
> with).  But that seems like a small issue compared to now.
>
> One could argue that there's a loss of or risk of loss of
> confidentiality, due to multiple devices and keys.  But it's much less
> than the loss from using centralized plaintext storage.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
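
The integrity trade-off raised in the quoted proposal (a device that syncs stored OTR ciphertext after the MAC keys have been disclosed cannot rely on the MAC), shown as an added example that is not part of the original thread or of any OTR implementation. The SHA-256 counter keystream and HMAC-SHA256 are standard-library stand-ins for OTR's cipher and MAC, and the keys, message, and the `receive` status labels are constructed for illustration.

```python
import hashlib
import hmac

def keystream(key, n):
    # SHA-256 in counter mode: stand-in stream cipher (assumption, not OTR's wire format)
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def seal(enc_key, mac_key, plaintext):
    ct = xor(plaintext, keystream(enc_key, len(plaintext)))
    return ct, hmac.new(mac_key, ct, hashlib.sha256).digest()

def receive(enc_key, mac_key, ct, tag, disclosed_mac_keys):
    """Return (status, plaintext); status is 'invalid', 'unauthenticated' or 'authentic'."""
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return "invalid", None
    plaintext = xor(ct, keystream(enc_key, len(ct)))
    # A valid tag under an already-published MAC key proves nothing about origin.
    status = "unauthenticated" if mac_key in disclosed_mac_keys else "authentic"
    return status, plaintext

def demo():
    enc_key, mac_key = b"E" * 32, b"M" * 32          # constructed keys
    original, changed = b"meet at 10:00", b"meet at 19:00"
    ct, tag = seal(enc_key, mac_key, original)
    # Device that is online when the message arrives: MAC key still secret.
    online = receive(enc_key, mac_key, ct, tag, disclosed_mac_keys=set())
    # Later the sender publishes the old MAC key, as OTR does for deniability.
    disclosed = {mac_key}
    # The stored record can now be altered without the encryption key: the
    # ciphertext is malleable and the tag can be recomputed by anyone.
    altered_ct = xor(ct, xor(original, changed))
    altered_tag = hmac.new(mac_key, altered_ct, hashlib.sha256).digest()
    # Device that was offline and syncs afterwards: the tag verifies, but the
    # receiver must treat the message as unauthenticated.
    offline = receive(enc_key, mac_key, altered_ct, altered_tag, disclosed)
    return online, offline

if __name__ == "__main__":
    print(demo())
```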

