[Security] Gajim 0.12's E2E encryption UI
melo at simplicidade.org
Fri Aug 22 17:34:24 CDT 2008
On Aug 21, 2008, at 3:16 PM, Eric Rescorla wrote:
> On Thu, Aug 21, 2008 at 5:28 AM, Simon Josefsson
> <simon at josefsson.org> wrote:
>> Jonathan Schleifer <js-xmpp-security at webkeks.org> writes:
>>> GPG should only be an option and not the default, never more, as GPG
>>> is not user friendly to the average user.
>> I don't think non-technical users need to ever see anything except
>> similar user interfaces as shown earlier in this thread.
>>> It wouldn't really work with a dialog like that. We already have
>>> problems getting people to verify the SAS, how do you expect them to
>>> verify a fingerprint? ;)
>> You can transform an OpenPGP key fingerprint into a SAS-like string, if
>> that makes you feel better, and ask users to verify that. Hash the
>> OpenPGP fingerprint, truncate it and encode it using the same length and
>> characters as used by SAS today.
> This actually isn't as secure as an SAS if done exactly this way,
> the attacker can generate a key that matches the truncated hash via
> exhaustive search.
> What is secure is if the relying party chooses random bits out of the
> fingerprint to ask the user to check, thus forcing the full
> to be secure. I'm not yet sure how to do a good UI for this.
You could use OpenPGP certificates in a TLS negotiation (using RFC
5081) with the SAS extension for TLS (described here: https://
which does not have the problem you describe.
As for UI for the SAS exchange, I'm partial to the use of the
Mnemonic encoder with a GUI like this:
http://mooseyard.com/Jens/2008/04/cloudy-verification/ (page down, about three or four screens).
XMPP ID: melo at simplicidade.org
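
The two schemes discussed in the quoted exchange, as an added example that is not part of the original message: a fixed hash-truncate-encode string next to a check where the relying party picks the bit positions itself. The 5-character base32 length, the 25-bit sample size, the function names and the fingerprint value are assumptions constructed for illustration.

```python
import base64
import hashlib
import secrets

FP_BITS = 160  # an OpenPGP v4 fingerprint is a SHA-1 value (160 bits)


def fixed_sas(fp_hex: str, chars: int = 5) -> str:
    """Hash, truncate, encode. Output depends only on the key, so it is
    known in advance and is only as strong as its 5 * chars bits."""
    digest = hashlib.sha256(bytes.fromhex(fp_hex)).digest()
    return base64.b32encode(digest).decode("ascii")[:chars].lower()


def pick_positions(n: int = 25) -> list[int]:
    """Relying party draws n distinct bit positions, fresh for each check."""
    return sorted(secrets.SystemRandom().sample(range(FP_BITS), n))


def bits_at(fp_hex: str, positions: list[int]) -> str:
    """Fingerprint bits at the given positions (0 = most significant bit)."""
    value = int(fp_hex, 16)
    return "".join(str((value >> (FP_BITS - 1 - p)) & 1) for p in positions)


def verify(received_fp_hex: str, positions: list[int], read_out: str) -> bool:
    """Compare the bits the key owner read out with the key we received."""
    return secrets.compare_digest(bits_at(received_fp_hex, positions), read_out)


if __name__ == "__main__":
    fp = "0123456789abcdef0123456789abcdef01234567"  # constructed sample value
    print("fixed string:", fixed_sas(fp))
    positions = pick_positions()
    answer = bits_at(fp, positions)  # owner reads these from the real key
    print("positions   :", positions)
    print("match       :", verify(fp, positions, answer))
```

Because the positions are not known until the check starts, a key prepared in advance cannot be tuned to a short fixed target, which is the property the quoted reply is after.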