[Standards-JIG] Secure Groupchat (was Re: The Great EncryptionDebate)
ian.paterson at clientside.co.uk
Tue Aug 16 21:29:10 UTC 2005
> Ideally, secure groupchat should work over regular groupchat
> servers, and only the participants would have the keys.
Yes, we can't trust the server. Whenever someone joins they should have
to negotiate keys with at least one of the participants.
> Speaking of conference rooms, I was just looking at some SILC
> documents, and one technique they use is to change the session
> key every time someone enters or exits the room.
Seems like a sensible minimum.
> One nice thing about the above method is that it means
> all participants should be available at the time of key
> negotiation (or renegotiation)
Not a problem for groupchat.
> which may open the door to some sort of multi-party
> diffie-hellman (if such a thing exists
> Another issue with groupchat is message signing. With
> one-to-one sessions it is clear who is sending which
> message (if it wasn't you, then it was the
> other guy). However, with groupchat it seems that the
> stanzas will need to be public key signed. I'm not sure
> yet how this would affect repudiability.
Maybe you're looking for something like (deniable) ring authentication?
More information about the Standards