121
edits
Difference between revisions of "XEP-Remarks/XEP-0373: OpenPGP for XMPP"
Jump to navigation
Jump to search
XEP-Remarks/XEP-0373: OpenPGP for XMPP (view source)
Revision as of 10:16, 28 May 2022
, 10:16, 28 May 2022→XEP Review
(ECC and quick-generate-key) |
Vanitasvitae (talk | contribs) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 78: | Line 78: | ||
The future-default of is ECC 25519. It may be better to use an ECC key instead of RSA, because it's much faster and smaller. | The future-default of is ECC 25519. It may be better to use an ECC key instead of RSA, because it's much faster and smaller. | ||
You can use the quick-generate-key option to generate an XMPP-URI as UID | |||
<pre> | <pre> | ||
gpg --quick-generate-key xmpp:test@domain.tld future-default default 2y | gpg --quick-generate-key xmpp:test@domain.tld future-default default 2y | ||
pub ed25519 2021-03-28 [SC] [verfällt: 2023-03-28] | |||
D9CE49571538167DC06B1271DE58DD87A483AA5E | |||
uid xmpp:test@domain.tld | |||
sub cv25519 2021-03-28 [E] | |||
</pre> | </pre> | ||
| Line 321: | Line 327: | ||
??? | ??? | ||
=== Multi-User-Chat / Group Chat === | |||
There are different ways of tackling multi user-chat. | |||
The naive way would be to simply gather all the keys of all recipients and encrypt outgoing messages to all recipient keys. | |||
Another possibility (experimental, not sure if there is support for this in libraries/the OpenPGP spec yet) would be to use Proxy-Reencryption using ECC/PQC keys. This would require server-side support: | |||
* There is a group chat key per group chat. | |||
* (For ECC keys) For each member of the chat, the point on the curve gets multiplied by a unique scalar. The result is a new recipient key. | |||
* The server distributes recipient keys to the recipients | |||
* When sending a message, the user uses the group chat's encryption key | |||
* The server "reencrypts" the message for each recipient and delivers it | |||
* The users can decrypt the message | |||
This methodology prevents the server from learning about message contents, but simplifies key management. Unfortunately this would require server-side support and support in OpenPGP spec/tooling, so this is very future-work-ish. | |||
See https://www.researchgate.net/publication/299487198_Elliptic_Curve_Based_Proxy_Re-Encryption | |||
See "Automatic Forwarding" section in https://cryptpad.fr/pad/#/2/pad/view/9IyR9CkooqMQHOiUQ2a7UE88FAMklY1XF2vqnkCY6xg/ | |||
= Issues = | = Issues = | ||