Chapril/xmpp.chapril.org-conversejs
Chapril/xmpp.chapril.org-conversejs
24
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Document that OMEMO is disabled when the device is untrusted

Browse Source
This commit is contained in:
JC Brand 2018-10-18 08:08:44 +02:00
parent c8dc7b63b2
commit 18dad134fc
1 changed files with 15 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
docs/source/features.rst
View File

@ -16,34 +16,29 @@ A room (aka groupchat) can be opened with a URL fragment such as `#converse/room
and a private chat with a URL fragment such as and a private chat with a URL fragment such as
`#converse/chat?jid=user@domain`. `#converse/chat?jid=user@domain`.
Off-the-record encryption XEP-0384 OMEMO Encryption
========================= =========================
Converse supports `Off-the-record (OTR) <https://otr.cypherpunks.ca/>`_ Converse supports OMEMO encryption based on the
encrypted messaging. `Signal Protocol <https://github.com/signalapp/libsignal-protocol-javascript>`_.
The OTR protocol not only **encrypts your messages**, it provides ways to The Signal Protocol is session-oriented. Clients establish a session, which is
**verify the identity** of the person you are talking to, then used for all subsequent encrypt/decrypt operations. There is no need to
**plausible deniability** and **perfect forward secrecy** by generating ever tear down a session once one has been established.
new encryption keys for each conversation.
In its current state, JavaScript cryptography is fraught with dangers and This means that a session needs to be stored permanently after logging out.
challenges that make it impossible to reach the same standard of security that
is available with native "desktop" software.
This is due to its runtime malleability, the way it is "installed" (e.g. Converse stores this session information in the browser's `localStorage <https://developer.mozilla.org/en-US/docs/Web/API/Storage/LocalStorage>`_.
served) and the browser's lack of cryptographic primitives needed to implement
secure crypto.
For harsh but fairly valid criticism of JavaScript cryptography, read: If you've checked the "This is not a trusted device" checkbox when logging in,
`JavaScript Cryptography Considered Harmful <http://www.matasano.com/articles/javascript-cryptography/>`_. then `sessionStorage <https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage>`_
is used instead of localStorage and all data is cleared when you log out.
To get an idea on how this applies to OTR support in Converse, please read For this reason, OMEMO cannot be used when you've indicated that you're using
`my thoughts on it <https://opkode.com/media/blog/2013/11/11/conversejs-otr-support>`_. an untrusted device. You would in any case not be able to decrypt previously
received OMEMO messages, due to the Signal Protocol's forward secrecy and the
fact that you don't have a pre-existing session.
For now, suffice to say that although its useful to have OTR support in
Converse in order to avoid most eavesdroppers, if you need serious
communications privacy, then you're much better off using native software.
Notifications Notifications
============= =============