[Security] GSoC proposal: Identity-based end-to-end encryption for XMPP

Peter Saint-Andre stpeter at stpeter.im
Fri Mar 11 16:55:37 CST 2011


I keep wondering if it would be best to just use OTR, but I'm waiting
for the outcome of the WOES session at IETF 80 (and the progress of
other such conversations) before I push OTR too hard...

On 3/11/11 7:40 AM, Eric Rescorla wrote:
> Sorry to be a downer, but no, I don't think this is of a lot of
> value:
> 
> (1) IBE is primarily useful in contexts where there isn't an 
> interactive channel between the two sides and so certificate
> discovery is inconvenient. That's not true in XMPP.
> 
> (2) See: http://datatracker.ietf.org/ipr/950/
> 
> -Ekr
> 
> 
> On Fri, Mar 11, 2011 at 5:10 AM, David Núñez <dnunez at lcc.uma.es>
> wrote:
>> Hello all,
>> 
>> My name is David Núñez and I am a PhD student on Computer Science.
>> Since the XSF is applying to this year's edition of Google Summer
>> of Code, I would like to know if someone in the XSF would be
>> interested in contributing to my proposal as a mentor.
>> 
>> The purpose of my project is twofold: 1) Implement an
>> Identity-based encryption library based in [RFC5091]. This goal is
>> not directly related to XMPP, but to security in general. As far as
>> I know, there is no open source implementation of this RFC, and I
>> think it is interesting. It is a requirement for the second phase. 
>> 2) Implement an XMPP library for an authenticated key agreement
>> based on clients identities (JIDs). This library could lead to
>> establish end-to-end encryption, using the clients identities for
>> agreeing a session key and then using symmetric-key encryption
>> during the current session. This key agreement scheme would be
>> based in [IBAKE], that assures that the server is unable to find
>> out the session key.  XMPP already provides mechanisms for
>> client-server authentication, which is an important requirement for
>> the distribution of the private-keys to clients. This library would
>> imply to define components both in server and client.
>> 
>> First of all, I would like you to comment if my proposal has sense
>> in the XMPP landscape. And second, I would like to know if someone
>> is particularly interested in participating as a mentor. I'm
>> looking forward to your comments :)
>> 
>> Regards, David.
>> 
>> References: [RFC5091] X. Boyen and L. Martin. Identity-Based
>> Cryptography Standard (IBCS) #1: Supersingular Curve
>> Implementations of the BF and BB1 Cryptosystems. [IBAKE] V. Cakulev
>> and G. Sundaram. IBAKE: Identity-Based Authenticated Key Agreement.
>> IETF draft. http://tools.ietf.org/html/draft-cakulev-ibake-03
>> 
>> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6105 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/security/attachments/20110311/2d3cf701/attachment.bin>


More information about the Security mailing list