[Cryptography] Silly idea for WhatsApp MitM protection for the masses
Bill Cox
waywardgeek at gmail.com
Fri Apr 8 16:02:58 EDT 2016
On Fri, Apr 8, 2016 at 10:29 AM, Trevor Perrin <trevp at trevp.net> wrote:
> On Fri, Apr 8, 2016 at 6:18 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> >
> > - Users have to verify a 60 digit code rather than a 4 digit code to
> prove
> > there is no MitM
>
> No, there is a "Scan QR code" option.
Hi, Trevor. Not that I'm an expert, but what I've seen so far of your
Noise Protocol looks good to me. I recommended it as a potential solution
to a problem yesterday. Do you know if the Noise Pipes implementation in
WhatsApp is open-source? I think several of us on this list would like to
take a look and help WhatsApp find any implementation flaws. Also, kudos
to the WhatsApp team for enabling end-to-end encryption by default.
The QR code feature is cool. I doubt many users will use it. I tried it
out yesterday with my dad, and it is simple enough to use, if you are in
the same location.
> - Use hash commitments and reduce their code to 4 digits
>
> That wouldn't work well, here. WhatsApp provides asynchronous text
> messaging. Alice can send initial messages to Bob when he is offline,
> and he might receive them when Alice is offline.
>
> Short-auth strings (SAS) require a 3-way handshake before the SAS is
> displayed. So in the above case, Alice and Bob would be in an awkward
> "pending state", where they have sent or received messages but have no
> way of authenticating. Using public-key fingerprints avoids this.
>
What if you only display the SAS (or something more interesting randomly
selected based on the SAS) after sending the second message? I assume the
second message is better protected than the first message in any case,
since that's when ephemeral secrets are in place.
Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160408/19d91574/attachment.html>
More information about the cryptography
mailing list