converse.js icon indicating copy to clipboard operation
converse.js copied to clipboard

Published 20 hours ago verified publisher icon conversejs

New Feature OpenPGP.js

Open member7me opened this issue 1 year ago • 7 comments

Hi. New Feature suggestion - to implement PGP in conversejs. It's much more secure than OMEMO and more secure as old-dated OTR

OpenPGP implementation for JavaScript https://github.com/openpgpjs/openpgpjs

member7me avatar Jul 04 '23 17:07 member7me

Agree. I heard OMEMO has vulnerabilities

tomfun avatar Jul 13 '23 23:07 tomfun

@tomfun link to this study/report/research/proof of vulnerabilities please?

licaon-kter avatar Jul 14 '23 03:07 licaon-kter

Sorry, I hadn't checked it before. My friend said it to me. My research shows this:

The only protection against man-in-the-middle attacks is to verify the fingerprints out of band over a secure channel that the hypothetical attacker does not control. Think phone call, a personal website or even better meeting each other in person.

If Alice has no prior information about Bob, she has no way to distinguish these cases, no matter how secure the protocol is. It's the same for OTR, OMEMO, WhatsApp, Signal, the post, or Twitter.

from https://crypto.stackexchange.com/questions/60082/is-omemo-vulnerable-in-case-of-compromised-jabber-server/68842#68842

As you may see, if there is trusted pgp public key storage, or your friend sent a keys to you (by trusted channel) PGP is secure.

My further research showed me that OMEMO is better if we talk about PGP without refreshed keys. PGP support encryption for multiple receivers (but it is a problem if count is big for traffic!). But anyway the security of a group chat is as strong as its weakest link - and for XMPP it is problem because of: managing an OMEMO-based system's security can be intricate because of various keys for different accounts, different XMPP clients, versions, plugins, and operating systems might all contribute to potential security risks. We can only keep all these components updated. So PGP is not so bad and have a big history (32 years !).

My notes on the topic https://gist.github.com/tomfun/83369d8302972915e58a0c4b21273ca6 I will be glad to hear a word in comments

tomfun avatar Jul 16 '23 10:07 tomfun

OpenPGP is much more better, it supports offline encryption, PGP is tested over the years, tested by thousands of researchers. OMEMO is young protocol, did not have security tests and third-party audit (did not meet any serious extensive research). Only https://conversations.im/omemo/audit.pdf but this is biased, this is not a third-party audit.

OMEMO and OTR both are vulnerable to man-in-the-middle attacks. OMEMO same as OTR is fully useless and could be compromised if xmpp server is compromised. Xmpp isn't decentralized, so any xmpp may be compromised any time.

member7me avatar Aug 03 '23 11:08 member7me

OMEMO

You can enable only trusted devices, so MITMs are useless

licaon-kter avatar Aug 03 '23 12:08 licaon-kter

https://xmpp.org/extensions/xep-0373.html https://xmpp.org/extensions/xep-0374.html

member7me avatar Aug 27 '23 21:08 member7me

Could you point or quote what exactly you want to share?

https://xmpp.org/extensions/xep-0373.html https://xmpp.org/extensions/xep-0374.html

tomfun-sqdl avatar Aug 29 '23 07:08 tomfun-sqdl