[OTR-users] Reasonably secure conference / chat rooms now?

[Matthew Van Gundy]

Gregory Maxwell wrote:
>>> Does anyone know of a way, using OTR related or other protocols, to do
>>> reasonably secure multi-party chat?
>>> I found the mpOTR paper - http://www.cypherpunks.ca/~iang/pubs/mpotr.pdf -
>>> but could not find any software that implements the protocol.

The cryptographic protocols we presented in that paper makes certain
assumptions about the underlying communication medium.  I'm finishing
work on the underlying protocol over this summer.  Hopefully we can have
a beta sometime before the end of the year.

> You may not need strong deniability, ... but on the other hand the
> jabber server sees the cleartext of all participants and can be
> configured to log it (I understand this is even seen as an advantage
> of running your own jabber server). So it doesn't necessarily provide
> any deniability or even confidentiality if an attacker is able to gain
> access to the server, potentially in the far future.

Requiring a trusted server is a relevant concern.  One of the primary
motivations for our Multi-party Off-the-Record protocol was to remove
the need for a trusted server.  However, if you need a solution today, a
private jabber server is probably your best bet.

> I hope that the difficulty of hard deniability, which is a nice thing
> to have but which has questionable _legal_ usefulness especially in
> the multi-party context, isn't getting in the way of anyone developing
> a solid multi-party chat protocol with strong group confidentiality.

Actually, we've shown how to achieve strong deniability.  The remaining
challenge that we are addressing is ensuring consensus among mutually
distrusting users without requiring a trusted server.

Cheers,
Matt

--
Matt Van Gundy
Ph.D. Student, University of California, Davis
http://goliath.cs.ucdavis.edu/~matt/