076萌SNS
  • Login

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. theruran 🌐🏴 (theruran@hackers.town)'s status on Thursday, 12-Jan-2023 03:27:19 JST theruran 🌐🏴 theruran 🌐🏴
    in reply to

    The common cause is “rolling your own protocol”. At the time when #Threema first released, the space of messaging protocols was still pretty empty, but OTR (from 2004) did already achieve forward secrecy. Threema is entirely built upon NaCl, the cryptographic library by Daniel J Bernstein. It was interesting to see, when talking to the team, that some of the bad design decisions (such as not authenticating the metadata of messages) arose from limitations of the #NaCl APIs. Another point to be made is that a company whose main product is based on cryptography, should always have a cryptographer at hand to assess its security and to propose already-existing protocols when possible, for example the battle-tested TLS instead of creating their bespoke client-to-server protocol.

    The Threema protocols lack(ed) basic properties that are nowadays considered de rigueur for a messenger app to be regarded as secure: forward secrecy with respect to a malicious server, and protection against replay, reflection, and reordering attacks. While developers mostly stopped “rolling their own” cryptographic primitives, rolling your own protocol can be as dangerous: the recent attacks on Mega and Matrix are also an example of this. We need more provable security, and more scrutiny for cryptographic protocols before they are deployed.

    from page 2: https://arstechnica.com/information-technology/2023/01/messenger-billed-as-better-than-signal-is-riddled-with-vulnerabilities/2/

    #infosec

    In conversation Thursday, 12-Jan-2023 03:27:19 JST from hackers.town permalink

    Attachments

    1. Messenger billed as better than Signal is riddled with vulnerabilities
      Threema comes with unusually strong claims. They crumble under new research findings.
    • theruran 🌐🏴 (theruran@hackers.town)'s status on Thursday, 12-Jan-2023 03:27:20 JST theruran 🌐🏴 theruran 🌐🏴

      #Threema encrypted messenger got rekt:

      In our work, we present seven attacks against the cryptographic protocols used by Threema, in three distinct threat models. All the attacks are accompanied by proof-of-concept implementations that demonstrate their feasibility in practice.

      https://breakingthe3ma.app/
      archived at: https://web.archive.org/web/20230111141555/https://breakingthe3ma.app/

      In the event an ephemeral key is exposed even once, an attacker can permanently impersonate the client to the server and then obtain all metadata in all E2EE messages. This is a remarkable shortcoming because ephemeral keys should never be able to authenticate a user. With Threema, leaking of an ephemeral key has the same effect as leaking a long-term key.

      reported by: https://arstechnica.com/information-technology/2023/01/messenger-billed-as-better-than-signal-is-riddled-with-vulnerabilities/

      #infosec

      In conversation Thursday, 12-Jan-2023 03:27:20 JST permalink

      Attachments

      1. Three Lessons from Threema: Analysis of a Secure Messenger

      3. Messenger billed as better than Signal is riddled with vulnerabilities
        Threema comes with unusually strong claims. They crumble under new research findings.
      Adrian Cochrane repeated this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.