[messaging] Logging Bad Situations (was Informing the user they have the wrong key)

Tom Ritter tom at ritter.vg
Sun Sep 28 09:16:23 PDT 2014 

On 28 September 2014 03:37, Sean Comeau <sean at ftlnetworks.ca> wrote:
> Tom, the "Weird" slider sounds like an interesting idea.
>
> Can you elaborate on how it would function, particularly in the context of a messaging system such as TextSecure?

Hm.  Tough.  I started writing one, but ran into a bunch of situations
where I was like "Wait, is that actually how TS works?"  I'm somewhat
familiar with TextSecure, but not intimately.  So the below is a very
rough draft that would need a lot of fixing up by people more
intimately involved in the protocol.  For example, I've heard that
'One would be surprised how often keys are changed' - that type of
knowledge is critical to actually understand what's happening in the
real world deployment.

(Notation: long dashes are slider positions. They encompass all the
actions that appear below it.  An action that occurs above a slider
position is not logged at that position.)

---------------- Weirdest aka 'Paranoid Setting'
|
- Bob's key changes from K1 to K2
- Alice receives fragments of a message, but not the whole message,
after 5 minutes[0].
- The server has run out of prekeys despite me not receiving N new
messages where N is within... 5% (?) of the number of prekeys
|
----------------  'Concerned Setting'
|
- Alice receives fragments of a message, but not the whole message,
after 1 (?) hour.
- The server has run out of prekeys despite me not receiving N new
messages where N is within... 10% (?) of the number of prekeys
|
---------------- Default Setting
|
- Bob's key K1 changes to K2, and then back to K1
- Alice receives fragments of a message, but not the whole message,
after 6 (?) hours.
- A prekey is not signed by the key the communication is negotiated with (?)
- The server has run out of prekeys despite me not receiving N new
messages where N is within... 25% (?) of the number of prekeys
- Voice and SMS identity keys (once Signal is integrated) become out
of sync with each other

[0] This happened for SMS, but I think TS may have moved completely
off SMS at this point.



-tom

More information about the Messaging mailing list