[OTR-users] Question-/Anwer authentication - Possible improvement

Jan Wort d_jan at ymail.com
Wed Dec 11 05:31:31 EST 2013


Sadly I don't have a great idea to solve the problem either, but I experienced similar problems (and solutions)  with authentication. I used as well the "2 Words, all lowercase"-like workaround, nevertheless I and the other person often failed. The best way I found is to set up the authentication in real live and to tell "now write [these characters]". 

It is a great improvement to have the shared answer-question instead of having to read the keys itself. But at least in my experience  authentication is not done even by technology and security-wise actually well educated individuals. E.g. most computer scientists I know have not done it (but use the encryption part of OTR), not to speak of "non-nerds" who don't understand at all what I want them to do and who are not very enthusiastic anymore once we failed 1 or 2 times to get the shared secret answer right. 

- Jan




Ian Goldberg <ian at cypherpunks.ca> schrieb am 15:43 Dienstag, 10.Dezember 2013:
 
On Tue, Dec 10, 2013 at 03:34:09PM +0100, Daniel Brendle wrote:
> Hello, OTR-people
> 
> 
> //Edit. As i read through my email again, i recognized that it would be
> more readable writing "person A" for the person that wants to
> authenticate someone by question-and-answer and "person B" for the
> person who is to answer the secret question.
> 
> I have a question regarding the question/answer-authentication-process
> in OTR. It often happens, that me and friends, who i try to convince to
> using OTR end up doing the authentication several times because of mere
> typos or upper-/lowercase stuff. In other cases, person B knows the
> right answer to the question but expresses it in an other manner that
> person A the question expected.
> 
> When i understand OTR right, the communication (also the
> verification-process) is already done under the protection of
> encryption.
> Wouldn't it be possible to send the question to person B, wait for the
> answer and let person A interpret the result, not the machine, without
> losing strength of security?
> 
> As i see it, it would even increase security as well as usability:
> 
> 1. We could utilize much more complicated questions that require much
> more complicated answers, which were, as it currently is done,
> impossible to do because there are differences in the version of person
> A and person B.
> 2. It would increase usability of OTR and thereby acceptance by more
> normal not-geeky people.
> 
> Maybe i am missing something. Why is OTR not working the way i
> described?
> 
> Regards, Grindhold
> 
> Kudos to the OTR-Devs. You are doing marvellous work. 

Unfortunately, that would be fatal to security.  The purpose of the
authentication protocol is to distinguish the case where Alice is
talking directly to Bob over an encrypted channel (the desired case)
from the case where Alice is talking to an eavesdropper over an
encrypted channel, and the eavesdropper forwards the messages to Bob
over another encrypted channel (the man-in-the-middle case).  See
https://otr.cypherpunks.ca/help/4.0.0/levels.php for a picture.

If Bob just typed his answer and it was sent to Alice, then in the
second case, the eavesdropper would *also* see the answer, and indeed
Alice would accept the answer.  This would be very bad.

What I typically do is ask the question, and also put something like "(2
words, all lowercase)" at the end of the question.

   - Ian

_______________________________________________
OTR-users mailing list
OTR-users at lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/otr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20131211/9d2df1ac/attachment.html>


More information about the OTR-users mailing list