[Security] Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing

Pedro Melo melo at simplicidade.org
Fri Aug 29 07:02:39 CDT 2008

On Aug 29, 2008, at 12:43 PM, Dave Cridland wrote:

> On Fri Aug 29 12:11:11 2008, Pedro Melo wrote:
>> Well, I have this thing called a roster, and some of them I  
>> already  have certified as being the person I expect them to be.  
>> And for some  of those, I actually trust their judgement. So why  
>> not asking them if  they know this person? And if yes, what's the  
>> signature they know them  by?
> Hmmm. A protocol allowing me to discover if another jid is on your  
> roster?

interesting choice of words :), but actually is more like this:

"Hey, I have this JID here that I want to talk to. Do you know him?  
and if yes, can you give me the fingerprint that you know him by?"

The JID is provided by my own free will. There is no assertion that  
this JID is on my roster.

> There's two issues:
> First off, if I'm in your roster, you might ask me about Dirk's  
> fingerprint - in which case, I know that you're talking to Dirk,  
> which is pretty awesome. We can shield this one by hashing the jid,  
> so I can then scan through my hashes-of-known-jids and at least only  
> know you're talking to Dirk if I previously have as well.

Sure. One step further is this: I send you an hash of Dirk's JID +  
Dick's offered fingerprint. If you have the same, you can tell me that  
"yes, I trusted something like that already".

This way you will only know whom I'm talking to if you have previously  
accepted the same pair JID+Fingerprint.

Even less information disclosure.

> Second, if I reply with a fingerprint match, I'm verifying not only  
> the fingerprint, but that I, too, have spoken to Dirk and confirmed  
> him, so you can run away and tell everyone we're co-conspirators.

Yes, but I can't see how to ask you do confirm something for me  
without telling you this much. Maybe someone else can.

But I like using the Roster as a Web-of-Trust...

Best regards,
Pedro Melo
Blog: http://www.simplicidade.org/notes/
XMPP ID: melo at simplicidade.org

More information about the Security mailing list