[Cryptography] Silly idea for WhatsApp MitM protection for the masses

Trevor Perrin trevp at trevp.net
Fri Apr 8 13:29:36 EDT 2016


On Fri, Apr 8, 2016 at 6:18 AM, Bill Cox <waywardgeek at gmail.com> wrote:
>
> - Users have to verify a 60 digit code rather than a 4 digit code to prove
> there is no MitM

No, there is a "Scan QR code" option.


> They also do not warn users when the other party changes their public key,

There is a "Show Security Notifications" setting.


> making a MitM attack very likely to succeed against the large majority of
> users.  So, here's to trivial suggestions, and one silly idea to fix their
> MitM problem
>
> - Use hash commitments and reduce their code to 4 digits

That wouldn't work well, here.  WhatsApp provides asynchronous text
messaging.  Alice can send initial messages to Bob when he is offline,
and he might receive them when Alice is offline.

Short-auth strings (SAS) require a 3-way handshake before the SAS is
displayed.  So in the above case, Alice and Bob would be in an awkward
"pending state", where they have sent or received messages but have no
way of authenticating.  Using public-key fingerprints avoids this.


Trevor
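
An added sketch of the point made in the reply above (not part of the original message, and not WhatsApp's actual derivation): a commit/reply/reveal exchange yields a 4-digit SAS only after three messages, while a fingerprint code is computable from the long-term keys alone. All names (`SasSession`, `fingerprint_code`, `run`), the hash construction, and the random byte strings standing in for public keys are assumptions made for illustration.

```python
import hashlib, hmac, os

def H(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts, so concatenation is unambiguous."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()

def digits(data: bytes, n: int) -> str:
    return str(int.from_bytes(data, "big") % 10**n).zfill(n)

def fingerprint_code(id_a: bytes, id_b: bytes) -> str:
    """60 digits derived from the two long-term keys alone (illustrative derivation)."""
    return "".join(sorted(digits(H(b"fp", k), 30) for k in (id_a, id_b)))

class SasSession:
    """Commit / reply / reveal; self.sas stays None until the exchange completes."""
    def __init__(self, key: bytes):
        self.key, self.nonce = key, os.urandom(16)
        self.commit = self.sas = None

    def msg1_commit(self) -> bytes:                  # initiator -> responder
        return H(b"commit", self.key, self.nonce)

    def on_msg1(self, commit: bytes):                # responder stores commitment
        self.commit = commit
        return self.key, self.nonce                  # msg 2: responder -> initiator

    def on_msg2(self, peer_key: bytes, peer_nonce: bytes):
        self.sas = digits(H(b"sas", self.key, self.nonce, peer_key, peer_nonce), 4)
        return self.key, self.nonce                  # msg 3: initiator reveals

    def on_msg3(self, peer_key: bytes, peer_nonce: bytes) -> None:
        if not hmac.compare_digest(self.commit, H(b"commit", peer_key, peer_nonce)):
            raise ValueError("reveal does not match commitment")
        self.sas = digits(H(b"sas", peer_key, peer_nonce, self.key, self.nonce), 4)

def run(bob_online: bool):
    """Alice messages Bob; returns (fingerprint code, Alice's SAS, Bob's SAS)."""
    a_id, b_id = os.urandom(32), os.urandom(32)      # constructed stand-in keys
    alice, bob = SasSession(a_id), SasSession(b_id)
    commit = alice.msg1_commit()                     # sent with Alice's first message
    code = fingerprint_code(a_id, b_id)              # usable before any reply arrives
    if bob_online:                                   # needs both parties to respond
        bob.on_msg3(*alice.on_msg2(*bob.on_msg1(commit)))
    return code, alice.sas, bob.sas
```

With `run(False)` both SAS values are `None` while the 60-digit code already exists, which is the "pending state" the reply describes. The responder's fresh nonce in message 2 is what keeps the 4-digit value from being searched for after the commitment is fixed.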

