[cryptography] Jingle and Otr

James A. Donald jamesd at echeque.com
Wed Aug 21 00:16:16 EDT 2013


On 2013-08-21 2:00 PM, Natanael wrote:
> Well, the point here is that ZRTP for video and voice pretty much is
> functionally equivalent to OTR for IM. OTR is designed for messages,
> ZRTP is designed for data streams.

Ah yes, I see:

I was thinking of the problem from a text point of view, where 
cryptographically identifying the right target is hard.  In video, not hard.

    *[ZRTP] allows the detection of man-in-the-middle (MiTM) attacks by
    displaying a short authentication string (SAS) for the users to read
    and verbally compare over the phone.* ... But even if the users
    are too lazy to bother with short authentication strings, we still
    get reasonable authentication against a MiTM attack, based on a form
    of key continuity. *It does this by caching some key material to use
    in the next call, to be mixed in with the next call's DH shared
    secret, giving it key continuity properties analogous to Secure
    SHell (SSH)*.

If you know the face of the person you are talking to, you can surely 
tell if the right person is speaking the right SAS, which makes the 
methods used by OTR overkill for video.

Since humans are good at live face recognition, this makes it possible 
to locate the target person by insecure identifiers.
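
An added example, not part of the original post: a simplified Python model of the key continuity described in the quoted passage, where a secret cached from an earlier call is mixed into the next call's DH result. The toy DH group, the labels and all function names are assumptions for illustration and do not follow ZRTP's actual key derivation.

```python
import hashlib, hmac, secrets

# Toy DH group, constructed for illustration only (far too small for real use).
P, G = 2**127 - 1, 3
NO_CACHE = b"\x00" * 32   # placeholder when no earlier call was cached

def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    return pow(peer_pub, priv, P).to_bytes(16, "big")

def session_secret(dh_secret, retained):
    # Mix the secret cached from the previous call into this call's DH result.
    return hmac.new(retained, b"s0" + dh_secret, hashlib.sha256).digest()

def sas(s0):
    # Short authentication string the two users read aloud and compare.
    return hmac.new(s0, b"SAS", hashlib.sha256).hexdigest()[:4]

def next_retained(s0):
    # Key material each side caches for the next call.
    return hmac.new(s0, b"retained", hashlib.sha256).digest()

def call(cache_a, cache_b, mitm=False):
    """Return (alice_s0, bob_s0, s0 a middle party can compute for Alice's leg)."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    if not mitm:
        return (session_secret(dh_shared(a_priv, b_pub), cache_a),
                session_secret(dh_shared(b_priv, a_pub), cache_b), None)
    m_priv, m_pub = dh_keypair()  # middle party swaps in its own public key
    alice = session_secret(dh_shared(a_priv, m_pub), cache_a)
    bob = session_secret(dh_shared(b_priv, m_pub), cache_b)
    # The middle party knows the DH result but holds no cached secret.
    middle = session_secret(dh_shared(m_priv, a_pub), NO_CACHE)
    return alice, bob, middle

if __name__ == "__main__":
    a, b, _ = call(NO_CACHE, NO_CACHE)             # first call, no interception
    print("call 1 SAS:", sas(a), sas(b))           # equal on both ends
    rs = next_retained(a)                          # both ends cache this
    a2, b2, m2 = call(rs, rs, mitm=True)           # later call is intercepted
    print("keys agree:", a2 == b2, "| middle has Alice's key:", m2 == a2)
```

With an empty cache on both ends the middle party's derived secret matches Alice's, which is why the first call between two parties still depends on comparing the SAS.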

