Hello! What do we see today? Leaky Threema, strange Session, suspicious Tox, unstable Briar, terrible Wickr, pseudo-centralized Matrix, no comments Telegram — why all this when there are good old classics: Jabber and XMPP?
At the moment, this is probably the most secure method of communication on the network. And for greater security and even protection of the content of correspondence when accessing your device by 3 persons, use steganography methods.
You should understand that privacy is USELESS (With serious opponents) if you do not practice the "privacy — anonymity — secure environment" or "privacy — encryption — secure environment or privacy — anonymity — encryption — secure environment" bundle.
For this reason, XMPP user names resemble email addresses.
You may have already used XMPP without knowing it. Several popular chat platforms started out as XMPP clients, such as Google Talk and Facebook Messenger. WhatsApp works using a customized version of XMPP.
Jabber works through the server — however, you can create your own and fully control the flow of information going through it.
But pure Jabber is not secure (TLS alone, which is used by default on many servers, is not enough, since the server can read the contents of correspondence). You need to add an encryption method to it.
At the moment, there are 3 main (not all) variants of the cryptographic protocol that provides encryption for instant messaging conversations:
OTR-off-the-record is based on PGP and uses a combination of the AES symmetric key algorithm with a key length of 128 bits, Diffie-Hellman key exchange with a group size of 1536 bits, and the SHA-1 hash function.
1 session — 1 key, each time you end a conversation, you need to end the session, delete the correspondence, and only then the key will be updated at the next communication session.
So, OTR provides:
However, there are disadvantages — this protocol does not work with groups and files. The protocol also doesn't work if at least 1 device is offline. In addition, this protocol does not support synchronization between multiple devices, since it does not store any content of correspondence (even in encrypted form) on the server.
OMEMO-Multi-End Message and Object Encryption generates a new key for each message, so there is forward secrecy.
It supports encrypted file transfer and can also work with groups.
In addition, OMEMO can send messages to a user who is currently offline, but this feature requires storing undelivered messages on the server, which OMEMO does, but all messages are stored in encrypted form.
Uses AES-GCM.
Однако есть и заявления что OMEMO wiki falsely states perfect forward secrecy which is totally false «It has been demonstrated that OMEMO provides only weak forward secrecy (it protects the session key only once both parties complete the key exchange).»
PGP / GPG — a big plus is third-party key generation. However, there is no forward secrecy, that is, if 1 key is compromised, all correspondence encrypted with this key will be compromised.
Outdated technology, and the PGP protocol is completely closed source.
PGP issue.
All 3 are safe and reliable, but each has its own pros and cons. I recommend OTR for 1V1 correspondence and OMEMO for group correspondence.
All of the above methods encrypt correspondence on the device side. However, OMEMO has message synchronization between devices on the same account. That is, when hacking an account, it is enough to mark the fingerprint of the new device on the account as verified (By the way, some clients mark new fingerprints as trusted AUTOMATICALLY) and it will be able to read the contents of correspondence.
By the way, the person who hacked your account will be able to view who you corresponded with and who is in your contacts in Jabber.
A few words about fingerprints for verification (So that users know for sure that they are communicating with the device of the person they are writing to, in order to avoid MITM attacks). I have repeatedly met statements about problems in the work of such users, perhaps users simply did not understand, but this topic is really not easy. I suggest a solution that is probably even more reliable and simpler — ask the interlocutor what only he and you know, by the way, in cryptography this method is called the problem of the socialist millionaire.
Let's look at how to protect yourself from servers that are trying to deanonymize you as much as possible and compromise your correspondence.
First, let's understand what the Jabber server has if it logs all the information it can.
To ensure that our correspondence is not read, we use encryption.
We also don't trust suspicious fingerprints and clean the device regularly.
Before starting a conversation, we ask the other person what only he and you know.
At the moment, this is probably the most secure method of communication on the network. And for greater security and even protection of the content of correspondence when accessing your device by 3 persons, use steganography methods.
You should understand that privacy is USELESS (With serious opponents) if you do not practice the "privacy — anonymity — secure environment" or "privacy — encryption — secure environment or privacy — anonymity — encryption — secure environment" bundle.
- What is it?
- PGP issue.
- Which Jabber server should I choose?
- Which client should I choose?
What is it?
XMPP is an instant messaging protocol that has been around since 1999 and was originally known as Jabber. It is an open standard for sending messages over the Internet without having to have an account registered on a single server. Someone can register an account with one provider and send a message to someone who is registered elsewhere.For this reason, XMPP user names resemble email addresses.
You may have already used XMPP without knowing it. Several popular chat platforms started out as XMPP clients, such as Google Talk and Facebook Messenger. WhatsApp works using a customized version of XMPP.
Jabber works through the server — however, you can create your own and fully control the flow of information going through it.
But pure Jabber is not secure (TLS alone, which is used by default on many servers, is not enough, since the server can read the contents of correspondence). You need to add an encryption method to it.
At the moment, there are 3 main (not all) variants of the cryptographic protocol that provides encryption for instant messaging conversations:
OTR-off-the-record is based on PGP and uses a combination of the AES symmetric key algorithm with a key length of 128 bits, Diffie-Hellman key exchange with a group size of 1536 bits, and the SHA-1 hash function.
1 session — 1 key, each time you end a conversation, you need to end the session, delete the correspondence, and only then the key will be updated at the next communication session.
So, OTR provides:
- Encryption.
No one else can read your instant messages. - Authentication. You are sure that the person you are talking to has not been tampered with.
- Authenticity of the correspondence. The messages you send do not have digital signatures that can be verified by a third party. Anyone can fake messages after a conversation to make it look like they came from you. However, during the conversation, your interlocutor is sure that the messages they see are authentic and unchanged.
- Forward secrecy. If you lose control of your private keys, the previous conversation will not be compromised.
However, there are disadvantages — this protocol does not work with groups and files. The protocol also doesn't work if at least 1 device is offline. In addition, this protocol does not support synchronization between multiple devices, since it does not store any content of correspondence (even in encrypted form) on the server.
OMEMO-Multi-End Message and Object Encryption generates a new key for each message, so there is forward secrecy.
It supports encrypted file transfer and can also work with groups.
In addition, OMEMO can send messages to a user who is currently offline, but this feature requires storing undelivered messages on the server, which OMEMO does, but all messages are stored in encrypted form.
Uses AES-GCM.
Однако есть и заявления что OMEMO wiki falsely states perfect forward secrecy which is totally false «It has been demonstrated that OMEMO provides only weak forward secrecy (it protects the session key only once both parties complete the key exchange).»
PGP / GPG — a big plus is third-party key generation. However, there is no forward secrecy, that is, if 1 key is compromised, all correspondence encrypted with this key will be compromised.
Outdated technology, and the PGP protocol is completely closed source.
PGP issue.
All 3 are safe and reliable, but each has its own pros and cons. I recommend OTR for 1V1 correspondence and OMEMO for group correspondence.
All of the above methods encrypt correspondence on the device side. However, OMEMO has message synchronization between devices on the same account. That is, when hacking an account, it is enough to mark the fingerprint of the new device on the account as verified (By the way, some clients mark new fingerprints as trusted AUTOMATICALLY) and it will be able to read the contents of correspondence.
By the way, the person who hacked your account will be able to view who you corresponded with and who is in your contacts in Jabber.
A few words about fingerprints for verification (So that users know for sure that they are communicating with the device of the person they are writing to, in order to avoid MITM attacks). I have repeatedly met statements about problems in the work of such users, perhaps users simply did not understand, but this topic is really not easy. I suggest a solution that is probably even more reliable and simpler — ask the interlocutor what only he and you know, by the way, in cryptography this method is called the problem of the socialist millionaire.
Which Jabber server should I choose?
I recommend thesecure.biz and jabber.calyxinstitute.org the claims of their owners about security and anonymity look good, BUT I can't guarantee their security due to the fact that this may well change in the future or the statements of the owners of these servers are not entirely honest. Therefore, I don't want to analyze the choice of servers in depth, we should only trust ourselves, and not someone out there. Secure server-this will be a good addition to your anonymity and security on the network, but we must be prepared for a violation of the anonymity and security of the server.Let's look at how to protect yourself from servers that are trying to deanonymize you as much as possible and compromise your correspondence.
First, let's understand what the Jabber server has if it logs all the information it can.
- IP address when registering the account and all connections to the account.
- Username and password to log in to your account.
- Non-encrypted messages.
- Who you are communicating with.
To ensure that our correspondence is not read, we use encryption.
We also don't trust suspicious fingerprints and clean the device regularly.
Before starting a conversation, we ask the other person what only he and you know.
