Download to read offline
Uploaded byTania Silva
OTR and XMPP
XMPP is an open standard for instant messaging and presence information. It has been implemented by services like Google Talk, Facebook, Yahoo, and others. XMPP uses XML streams to send small messages and is extensible and federated. OTR provides encryption for instant messages to ensure forward secrecy, repudiable authentication, and prevent eavesdropping. The example message shows how OTR inserts encrypted fields into the XMPP message. The "socialist millionaire" problem in cryptography refers to allowing two parties to determine if they have equal wealth without disclosing the actual amounts.
OTR and XMPP
- 1.
- 2. XMPP • Almost 10years old • IETF standard (RFC 3920 RFC 3921) • More than 100 extensions • Started as Jabber: XMPP is the protocol powering Jabber Instant Messaging Network
- 3. Who’s using XMPP •GTalk, Facebook (not completely implemented) • Jabber.TLD • Yahoo! (the Video conference site) • AIM (private interconnects) • US DoD (big BIG users), UK Armed Forces bla..bla...
- 4. What’s XMPP • XMLStreams: send small XML messages • Simple building blocks • Extensible: add your stuff, no need to ask permission • Federated
- 5. Guess what’s inyour record? <message to='romeo@example.net' from='juliet@example.com' type='chat' xml:lang='en'> <body>Wherefore art thou, Romeo?</body> <body xml:lang='cz'>PročeŽ jsi ty, Romeo?</body> </message>
- 6.
- 7.
- 8. OTR brings... • Forwardsecrecy short-live key for messaging long-term key for authentication • Repudiable authentication - forgeability do not want digital signatures do want authentication
- 9. Socialist millionaire In cryptography,the socialist millionaire problem is one in which two millionaires want to determine if their wealth is equal without disclosing any information about their riches to each other.
- 10.