[messaging] Viola: A simple secure multiparty messaging system

George Chatzisofroniou sophron at latthi.com
Tue May 10 11:47:26 PDT 2016


Hello,

On Mon, 02 May 2016, George Kadianakis <desnacked at riseup.net> wrote:
> I'd like to present you a first version of Viola: a secure multiparty messaging
> system. It has been a side-project for the past month, and I'm glad to finally
> push it out to the world :)

The idea looks interesting. I like that Viola aims at a secure yet
practical multiparty "off-the-record" system, something that is
apparently missing from the current privacy-enabling solutions.

> On the protocol side, if you take a minute and understand the viola spec, you
> will realize that it's actually a quite simple protocol with great potential
> for improvements in every step. If you have a viola improvement in mind, I
> invite you to hack the spec and the code, and actually implement and test the
> improvement yourself. If you find a great improvement that works, please let me
> know!

My main concern has to do with the long-term keys that appear to be
necessary for the authenticated key exchange. If I understood
correctly, the secure way to exchange these keys is through
out-of-band means (OTR / AFK), and this seems to go against the property of
practicality. This is of course an issue with all group messaging
protocols.

Since Viola introduces the concept of the "room captain", maybe it
makes sense to make her responsible for authenticating the other peers
for the very first time using OTR-like ways (question and answer,
shared secret or manual fingerprint verification). After successful
mutual authentication, the key exchange process may happen. Note
though that this will expand the threat model; the room captain should be
an honest user, and if she leaves, another peer should take her place.

> Have fun playing with Viola and please provide feedback!!!

Hopefully more people will join this conversation.

Cheers,

George Chatzisofroniou

