[Standards-JIG] UPDATED: JEP-0027 (Current Jabber OpenPGP Usage)
justin-keyword-jabber.093179 at affinix.com
Mon Mar 15 21:07:54 UTC 2004
On Monday 15 March 2004 12:10 pm, Joe Hildebrand wrote:
> If we're going to do one-shot e2e message encryption, it MUST prevent
> replay attacks, which JEP 27 does not.
The xmpp-e2e specification suggests the use of checking timestamps, however I
think we could improve upon this by additionally including a unique ID in
each packet. A client can cache all such IDs it gets, and discard any that
are older than 10 minutes. A message is valid so long as the timestamp is
+/-5 minutes of the delivery time and the ID does not exist in the cache.
The "Delivery time" would be either 'now', or some specified date via
jabber:x:delay. This would allow for valid offline messages.
There is one remaining problem: preventing the server from replaying old
messages via jabber:x:delay. This one is tricky. One possible solution is
that the client should only consider offline messages valid if they are
timestamped between the current and previous login time (this means saving a
single timestamp to disk), as otherwise you would have received them already,
and consider them only for a period of 10 minutes after sign-on (this allows
us to use the IDs to prevent replays during this timeframe).
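
The acceptance rules proposed in the message above, sketched as an added example that is not part of the original post or of any JEP. The class, function and message-ID names are hypothetical; it assumes the unique ID and timestamp sit inside the signed payload and have already been verified, and that cached IDs are aged by the time they were received.

```python
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(minutes=5)          # signed timestamp vs. delivery time
CACHE_TTL = timedelta(minutes=10)      # how long a seen ID is remembered
OFFLINE_GRACE = timedelta(minutes=10)  # offline messages accepted this long after sign-on

class ReplayGuard:
    """Hypothetical receiver-side check; all names here are illustrative."""

    def __init__(self, previous_login, current_login):
        self.previous_login = previous_login  # the single timestamp saved to disk
        self.current_login = current_login
        self.seen = {}                        # message ID -> time it was received

    def accept(self, msg_id, signed_ts, now, delay_stamp=None):
        # Drop cached IDs older than 10 minutes (assumption: aged by receipt time).
        self.seen = {i: t for i, t in self.seen.items() if now - t <= CACHE_TTL}
        delivery = now
        if delay_stamp is not None:           # server claims offline storage
            if now - self.current_login > OFFLINE_GRACE:
                return "rejected: offline message after sign-on grace period"
            if not self.previous_login <= delay_stamp <= self.current_login:
                return "rejected: delay stamp outside last-login window"
            delivery = delay_stamp
        if abs(signed_ts - delivery) > WINDOW:
            return "rejected: timestamp not within 5 minutes of delivery time"
        if msg_id in self.seen:
            return "rejected: ID already seen"
        self.seen[msg_id] = now
        return "accepted"

def demo():
    """Constructed sample traffic, not captured data."""
    m = lambda n: timedelta(minutes=n)
    prev = datetime(2004, 3, 15, 8, 0, tzinfo=timezone.utc)
    cur = datetime(2004, 3, 15, 21, 0, tzinfo=timezone.utc)
    g = ReplayGuard(prev, cur)
    stored = cur - m(120)                     # offline message stored at 19:00
    return [
        g.accept("id-1", cur + m(1), cur + m(1)),                  # live message
        g.accept("id-1", cur + m(1), cur + m(2)),                  # replayed copy
        g.accept("id-2", cur - m(9), cur + m(2)),                  # stale timestamp
        g.accept("id-3", stored, cur + m(3), stored),              # valid offline
        g.accept("id-3", stored, cur + m(4), stored),              # offline replay
        g.accept("id-4", prev - m(60), cur + m(5), prev - m(60)),  # predates last login
        g.accept("id-5", stored, cur + m(11), stored),             # after grace period
    ]

if __name__ == "__main__":
    print("\n".join(demo()))
```

The 10-minute cache lifetime covers the whole interval in which a live message's timestamp can still pass the +/-5 minute check, and the sign-on grace period bounds offline delivery to the same interval.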