[messaging] Transparency for E2E encrypted messaging at a centralized service
Michael Rogers
michael at briarproject.org
Wed Mar 26 10:39:32 PDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 26/03/14 13:17, Tom Ritter wrote:
> In an online-encrypted document sharing model, for the 98%, this
> would look like a document being OpenPGP-encrypted in javascript
> with a symmetric key you choose, and stored online by the service.
> The recipient visits the fileshare, using javascript
> OpenPGP-decrypts the document using the password they received
> out-of-band, and downloads it. For the 2%, they PGP-encrypt the
> document using gpg, and upload it, communicate the secret out of
> band, and the recipient decrypts it using javascript. Or, they
> receive a document encrypted with javascript and download it and
> PGP-decrypt it using gpg. If you build the service correctly, the
> service won't know ahead of time if the document is going to be
> decrypted in javascript or gpg, and thus can't reliably attack the
> user without a chance of detection.
A nitpick, but does OpenPGP support integrity protection for symmetric
encryption? Last time I looked it just had some kind of hash-based
checksum that the docs warned was not intended to be a real MAC.
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBCAAGBQJTMxDUAAoJEBEET9GfxSfMOdgH/1dnNGD4I7hE2hDFENWK/O4y
zKHaazCuxOgaP6SAdBeoMDWUCsraSO33KTAEzJ1BsnTBc9hV2lCUyAIFS1XW716M
86fDdpX6H2cHMt1NhwlnRfSbdoqWj3EbXXWbU38AXfoMSfvvaYfyPWHPDbr5z/pD
2HaCYCbR43/50pBQHymKsvh9wEBLWFf6HyUFRWPOVqzXA6M6GPEOt4YjolqWuMC5
K40d19qqPXBdNvaKdYEjyf43UOq+C4IE+zj++l/pxwxzZ22I4G9CWmSFIecUC3YZ
Y3XxRnUCYnYajJkou+EJxOdJ75EOdUXeVemjZeNUl4A3B8rnR/t2ogn59JleokM=
=Oix9
-----END PGP SIGNATURE-----
More information about the Messaging
mailing list