
Possible Message franking attack?

Open: nikgraf opened this issue 2 years ago • 1 comment

Hey @aeplay, just glanced over jazz again and noticed you are using xsalsa20_poly1305. A couple of months back I learned that when public/private key crypto is used, "Message Franking" is possible in many crypto systems: https://eprint.iacr.org/2017/664.pdf (also referred to as invisible salamanders: https://eprint.iacr.org/2019/016.pdf)

Not sure if this is the case for Jazz, but thought it might be worth sharing.

The easiest way to grasp it for me was this talk: https://www.youtube.com/watch?v=VazqgsBwzOY

While there are several approaches to mitigate, the one Libsodium recommends is pretty straightforward: https://libsodium.gitbook.io/doc/secret-key_cryptography/aead#robustness

This is how I did it in the secsync case: https://github.com/serenity-kit/secsync/pull/97/files

nikgraf, Dec 24 '23 12:12

Note to self: possible attackers creating the same ciphertexts with the same hash under a different key are limited to group members who are already trusted anyways?

aeplay, May 31 '24 13:05
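
The key-commitment idea behind the mitigation discussed in this thread, as an added example that is not code from Jazz, secsync or libsodium: a commitment to the key travels with the ciphertext and is checked before decryption, so one ciphertext cannot be accepted under two different keys. It assumes 32-byte master keys and uses Node's `chacha20-poly1305` as a stand-in for xsalsa20_poly1305; the function names and HMAC labels are hypothetical.

```javascript
// Added example (not Jazz, secsync or libsodium code): key-committing AEAD wrapper.
const nodeCrypto = require('node:crypto');

const AEAD = 'chacha20-poly1305'; // assumption: stand-in for xsalsa20_poly1305
const NONCE_LEN = 12, COMMIT_LEN = 32, TAG_LEN = 16;

// HMAC-SHA256 over label || context, keyed with the 32-byte master key.
// Hypothetical helper: the labels 'enc' and 'commit' are choices made here.
function derive(masterKey, label, context = Buffer.alloc(0)) {
  return nodeCrypto.createHmac('sha256', masterKey).update(label).update(context).digest();
}

// Output layout: nonce || commitment || ciphertext || Poly1305 tag
function sealCommitted(masterKey, plaintext) {
  const nonce = nodeCrypto.randomBytes(NONCE_LEN);
  const commitment = derive(masterKey, 'commit', nonce);
  const cipher = nodeCrypto.createCipheriv(AEAD, derive(masterKey, 'enc'), nonce,
    { authTagLength: TAG_LEN });
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, commitment, body, cipher.getAuthTag()]);
}

function openCommitted(masterKey, sealed) {
  if (sealed.length < NONCE_LEN + COMMIT_LEN + TAG_LEN) throw new Error('ciphertext too short');
  const nonce = sealed.subarray(0, NONCE_LEN);
  const commitment = sealed.subarray(NONCE_LEN, NONCE_LEN + COMMIT_LEN);
  const body = sealed.subarray(NONCE_LEN + COMMIT_LEN, sealed.length - TAG_LEN);
  const tag = sealed.subarray(sealed.length - TAG_LEN);
  // Reject before decrypting if the ciphertext was committed to a different key.
  if (!nodeCrypto.timingSafeEqual(commitment, derive(masterKey, 'commit', nonce))) {
    throw new Error('key commitment mismatch');
  }
  const decipher = nodeCrypto.createDecipheriv(AEAD, derive(masterKey, 'enc'), nonce,
    { authTagLength: TAG_LEN });
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]); // throws on a bad tag
}

// Constructed sample keys and message.
const keyA = Buffer.alloc(32, 0xa1);
const keyB = Buffer.alloc(32, 0xb2);
const sealed = sealCommitted(keyA, Buffer.from('shared note'));
console.log(openCommitted(keyA, sealed).toString());
try { openCommitted(keyB, sealed); } catch (e) { console.log(e.message); }
```

The commitment check and the Poly1305 tag check fail independently: a different key is rejected by the commitment, a modified ciphertext by the tag.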