canmove, Confirmed users
640
edits
Services/KeyExchange: Difference between revisions
Fleshing out notes.
(Fleshing out notes.) |
|||
| Line 387: | Line 387: | ||
## Confidence in J-PAKE: paper submitted to journal for official publication only recently, no peer review yet. | ## Confidence in J-PAKE: paper submitted to journal for official publication only recently, no peer review yet. | ||
## Short PIN as proposed by UX makes channel hijacking, guessing easier | ## Short PIN as proposed by UX makes channel hijacking, guessing easier | ||
### Additionally, large quantities of channels to support user volume will either significantly lengthen this string, or reduce PIN space and strength | |||
## Firefox 4 timeframe short for implementation + crypto review | ## Firefox 4 timeframe short for implementation + crypto review | ||
## DoS | ## DoS | ||
## Changes to marketing messages necessary, are we willing to qualify our statements about Sync security + privacy | ## Changes to marketing messages necessary, are we willing to qualify our statements about Sync security + privacy? | ||
# Proposals to prevent simple attacks | # Proposals to prevent simple attacks | ||
## Connections to the PAKE server should be over SSL, eliminates man-in-the-middle attacks. | ## Connections to the PAKE server should be over SSL, eliminates man-in-the-middle attacks. | ||
| Line 401: | Line 402: | ||
# Alternative suggestions | # Alternative suggestions | ||
## Various word or sentenced based methods, all of which are pretty much impossible to localize. | ## Various word or sentenced based methods, all of which are pretty much impossible to localize. | ||
### Maybe: could localize the PGP bio word list (http://en.wikipedia.org/wiki/PGP_word_list) | |||
## Have the mobile display a ~20 a-z character key (~100 bits of entropy) which user enters on the desktop. This 20 char key is used to make a 128 bit AES key, the hash of the key is the channel ID on the server. Mobile encrypts data, uploads to channel, desktop downloads and decrypts. UX is worse (but still better because you enter ~20 chars on desktop rather than email + password + Sync Key on mobile), security is better. | ## Have the mobile display a ~20 a-z character key (~100 bits of entropy) which user enters on the desktop. This 20 char key is used to make a 128 bit AES key, the hash of the key is the channel ID on the server. Mobile encrypts data, uploads to channel, desktop downloads and decrypts. UX is worse (but still better because you enter ~20 chars on desktop rather than email + password + Sync Key on mobile), security is better. | ||
### Arguable that users are already familiar with entering separated alphanumeric sequences: WEP keys, registration keys, license codes, phone numbers, ZIP codes, credit card numbers... | |||