• xorollo · ▲ 5 · 9 hours ago

    PGP is a very curious choice. A quick Google search says a downside of this is that it does not provide “forward secrecy”. From the Wikipedia page on forward secrecy, it prevents things like the following.

    If an adversary can steal (or obtain through a court order) this static (long term) signing key, the adversary can masquerade as the server to the client and as the client to the server and implement a classic man-in-the-middle attack.

    • sabreW4K3@lazysoci.al · ▲ 3 · 9 hours ago

      Thanks for pointing this out. I’m guessing part of this is why so many messengers either create a new protocol or choose XMPP.

      • xorollo · ▲ 2 · 7 hours ago

        Yes, I really haven't looked into this before. I just vaguely remembered jokes about PGP from a security class a while back, so I looked it up. It does look like the encryption scheme used in XMPP does solve this issue.

        Wikipedia saves the day again:

        OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm “to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline”.[1] The name “OMEMO” is a recursive acronym for “OMEMO Multi-End Message and Object Encryption”. It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol (PEP, XEP-0163).[2] OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.
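        The forward-secrecy property the thread is discussing can be seen in the symmetric (hash) ratchet that the Double Ratchet builds on. The following is an added illustration, not code from OMEMO, the Double Ratchet specification or any messenger; it assumes HMAC-SHA256 with the constant inputs 0x02/0x01 for the chain-key/message-key split, and uses a constructed random root key.

```python
import hashlib
import hmac
import os


def kdf_ck(chain_key: bytes) -> tuple[bytes, bytes]:
    """One symmetric-ratchet step: (next_chain_key, message_key) from the current
    chain key. Same shape as the Double Ratchet's KDF_CK; the 0x02/0x01 labels are
    an assumption for this demo. HMAC is one-way, so the input chain key (and any
    earlier message key) cannot be recovered from the outputs."""
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    """Sender state keeps only the *current* chain key; each message key is
    handed out once and then forgotten, which is what protects past messages."""

    def __init__(self, root_key: bytes) -> None:
        self.chain_key = root_key

    def next_message_key(self) -> bytes:
        self.chain_key, mk = kdf_ck(self.chain_key)
        return mk


def keys_derivable_from(chain_key: bytes, steps: int) -> set[bytes]:
    """Everything an attacker holding this chain key can compute by ratcheting on."""
    out, ck = set(), chain_key
    for _ in range(steps):
        ck, mk = kdf_ck(ck)
        out.add(mk)
    return out


def exposure_after_compromise(total_msgs: int, compromise_after: int) -> dict[str, int]:
    """Send total_msgs messages; the sender's chain key is captured right after
    message number compromise_after. Count which message keys that state reveals.
    Expected: 0 past keys (forward secrecy), all later keys (the symmetric ratchet
    alone gives no post-compromise secrecy; the DH ratchet supplies that, hence
    OMEMO advertising *both* forward and future secrecy). A PGP-style static key,
    by contrast, would expose every message past and future."""
    if not 1 <= compromise_after <= total_msgs:
        raise ValueError("compromise_after must be within 1..total_msgs")
    chain = SendingChain(os.urandom(32))  # constructed root key for the demo
    message_keys, stolen_state = [], b""
    for i in range(1, total_msgs + 1):
        message_keys.append(chain.next_message_key())
        if i == compromise_after:
            stolen_state = chain.chain_key
    reachable = keys_derivable_from(stolen_state, total_msgs)
    return {
        "past_recoverable": sum(mk in reachable for mk in message_keys[:compromise_after]),
        "future_recoverable": sum(mk in reachable for mk in message_keys[compromise_after:]),
    }
```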