
A few thoughts:

1) They seem to have replaced TLS/SSL between client and server with "Noise Pipes". Based on a couple of minutes Googling, this seems to be a brand new one-man protocol from Trevor Perrin (the same guy who did Axolotl, on which Signal is based). I wonder if this is the first inkling of a post-TLS future?

2) It's a shame to see key words be killed off by internationalisation concerns. 12 words seems so much more friendly, at least to English speakers, than a 50 digit number. In practice I doubt any non-trivial number of people will ever compare codes by reading out such a number. I hope further research here can develop better replacements for encoding short binary strings in i18n-friendly ways (perhaps with icons instead of specific words? If you don't speak a common language with your chat partner then the app is useless anyway).

3) What's the next step? My feeling is that the next step is securing the build and distribution pipeline. WhatsApp could partner with security firms around the world, like Kaspersky Lab in Moscow, perhaps one in Germany and another in Iran, to make it harder for the software to be forcibly backdoored by a single decision of a single government representative. This would require splitting the RSA signing keys used by the app stores. I have some code in my inbox that claims it can do this (it's written by some academics and I obtained it after a bit of a runaround) but I never found the time to play with it. Of course, getting a bunch of security firms to sign off on every update, no matter how trivial that update is, might prove politically difficult inside Facebook. If mobile platforms supported in-app sandboxing better, then the app could slowly be refactored to be more like Chrome, where the base layer doesn't trust the upper layers. Those upper layers wouldn't have access to key material and could then be updated more freely than the higher-privileged components.

It's easy to shoot yourself in the foot with TLS (see: OpenSSL). Also, TLS has roots in a time where we knew much less in terms of crypto; as time went on and flaws were discovered, SSL/TLS was patched all around, meaning it has become much harder to implement correctly. Noise starts from a clean state with modern knowledge of cryptography and modern cryptography. Much easier to understand and replicate, much harder to shoot yourself in the foot with. TLS brings modularity and evolvability, much needed in a protocol the scale of HTTP.
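The "compare codes by reading out a number" step discussed in point 2, as an added example that is not code from the thread or from WhatsApp: each party's long-term identity key is hashed into a fingerprint and rendered as 30 decimal digits, and the two halves are combined in sorted order so that both phones display the same string regardless of who is local. The iterated-SHA-512 construction and its parameters (version prefix, 5200 rounds, 30 bytes kept, 5-byte chunks modulo 100000) follow Signal's published fingerprint design and are an assumption of this example; the identity keys and phone-number identifiers are constructed. `Tokens` goes beyond the digit rendering: it splits the same digest into fixed-width bit groups, which is how a word list (11 bits per word) or an icon table (6 bits per icon) would index the fingerprint.

```go
package main

import (
	"crypto/sha512"
	"encoding/binary"
	"fmt"
	"sort"
	"strings"
)

// These parameters follow Signal's published fingerprint construction and are
// assumed here to match WhatsApp's 60-digit code; they are an assumption of
// this example, not taken from WhatsApp's code.
const (
	fingerprintVersion    = 0    // 2-byte big-endian version prefix
	fingerprintIterations = 5200 // SHA-512 rounds, to slow down fingerprint collision searches
	fingerprintBytes      = 30   // digest bytes kept per party
)

func concat(parts ...[]byte) []byte {
	var out []byte
	for _, p := range parts {
		out = append(out, p...)
	}
	return out
}

// fingerprintDigest derives one party's half of the code from their long-term
// identity key and a stable identifier (the phone number, in this setting).
func fingerprintDigest(identityKey []byte, stableID string) []byte {
	ver := make([]byte, 2)
	binary.BigEndian.PutUint16(ver, fingerprintVersion)
	h := sha512.Sum512(concat(ver, identityKey, []byte(stableID)))
	for i := 1; i < fingerprintIterations; i++ {
		h = sha512.Sum512(concat(h[:], identityKey))
	}
	return h[:fingerprintBytes]
}

// Digits renders the 30-byte digest as six groups of five decimal digits:
// each 5-byte chunk is read as a big-endian integer modulo 100000.
func Digits(digest []byte) string {
	groups := make([]string, 0, len(digest)/5)
	for i := 0; i+5 <= len(digest); i += 5 {
		var buf [8]byte
		copy(buf[3:], digest[i:i+5])
		groups = append(groups, fmt.Sprintf("%05d", binary.BigEndian.Uint64(buf[:])%100000))
	}
	return strings.Join(groups, " ")
}

// SafetyNumber combines both parties' halves in sorted order so that either
// side computes the same 60-digit string and a read-out comparison works.
func SafetyNumber(keyA []byte, idA string, keyB []byte, idB string) string {
	halves := []string{
		Digits(fingerprintDigest(keyA, idA)),
		Digits(fingerprintDigest(keyB, idB)),
	}
	sort.Strings(halves)
	return strings.Join(halves, "  ")
}

// Tokens splits the digest into fixed-width bit groups, the building block for
// word or icon renderings: 11-bit tokens index a 2048-entry word list, 6-bit
// tokens a 64-icon table. Trailing bits that do not fill a token are dropped.
func Tokens(digest []byte, bitsPerToken int) []int {
	mask := uint64(1)<<uint(bitsPerToken) - 1
	var out []int
	var acc uint64
	var n uint
	for _, b := range digest {
		acc = acc<<8 | uint64(b)
		n += 8
		for n >= uint(bitsPerToken) {
			n -= uint(bitsPerToken)
			out = append(out, int((acc>>n)&mask))
			acc &= uint64(1)<<n - 1
		}
	}
	return out
}

func main() {
	// Constructed sample identity keys (32 bytes each) and identifiers.
	alice := make([]byte, 32)
	bob := make([]byte, 32)
	for i := range alice {
		alice[i], bob[i] = byte(i), byte(255-i)
	}
	fmt.Println(SafetyNumber(alice, "+15551230001", bob, "+15551230002"))
	fmt.Println("11-bit word tokens:", Tokens(fingerprintDigest(alice, "+15551230001"), 11))
}
```

The 240-bit digest gives 21 eleven-bit word tokens or 40 six-bit icon tokens, which is the trade-off behind the "12 words versus 50 digits" remark: fewer tokens per string needs a bigger, and therefore harder to localise, alphabet.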
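The multi-party release sign-off from point 3, as an added example that is not code from the thread, from WhatsApp or from the app stores: rather than splitting one RSA key between firms, each party holds its own Ed25519 key pair and the client enforces a threshold of distinct trusted signatures over the release digest before accepting an update. The party names, the threshold of two and the release bytes are constructed for illustration; the scheme is a threshold of independent signatures, not a threshold-RSA split of the store's key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Signer is one independent party whose approval a release needs: the vendor
// plus, say, security firms in different jurisdictions. Each holds its own key
// pair; nothing is shared, so no single party can produce a shippable release.
// The party names used below are hypothetical.
type Signer struct {
	Name string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

// NewSigner generates a fresh key pair for a named party.
func NewSigner(name string) *Signer {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Signer{Name: name, Pub: pub, priv: priv}
}

// Approval is one party's signature over the SHA-256 digest of a release.
type Approval struct {
	Signer string
	Sig    []byte
}

// SignRelease hashes the release so every party attests to the same bytes.
func SignRelease(s *Signer, release []byte) Approval {
	digest := sha256.Sum256(release)
	return Approval{Signer: s.Name, Sig: ed25519.Sign(s.priv, digest[:])}
}

// Policy is what the client ships with: the trusted public keys and how many
// distinct parties must approve before an update is accepted.
type Policy struct {
	Trusted   map[string]ed25519.PublicKey
	Threshold int
}

func NewPolicy(threshold int, signers ...*Signer) Policy {
	p := Policy{Trusted: map[string]ed25519.PublicKey{}, Threshold: threshold}
	for _, s := range signers {
		p.Trusted[s.Name] = s.Pub
	}
	return p
}

// Verify counts distinct trusted parties with a valid signature over the
// release. Repeated approvals from one party count once and unknown parties
// are ignored, so padding the list cannot reach the threshold; an invalid
// signature from a trusted party is reported as an error because it means the
// release bytes or the signature were tampered with.
func (p Policy) Verify(release []byte, approvals []Approval) (bool, error) {
	digest := sha256.Sum256(release)
	seen := map[string]bool{}
	for _, a := range approvals {
		pub, ok := p.Trusted[a.Signer]
		if !ok {
			continue
		}
		if !ed25519.Verify(pub, digest[:], a.Sig) {
			return false, fmt.Errorf("invalid signature from %q", a.Signer)
		}
		seen[a.Signer] = true
	}
	return len(seen) >= p.Threshold, nil
}

func main() {
	vendor, firmA, firmB := NewSigner("vendor"), NewSigner("firm-moscow"), NewSigner("firm-berlin")
	policy := NewPolicy(2, vendor, firmA, firmB)
	release := []byte("constructed release bytes, v1.2.3") // constructed sample
	ok, err := policy.Verify(release, []Approval{SignRelease(vendor, release), SignRelease(firmA, release)})
	fmt.Println("vendor + one firm:", ok, err)
	ok, err = policy.Verify(release, []Approval{SignRelease(vendor, release)})
	fmt.Println("vendor alone:", ok, err)
}
```

The threshold is enforced on the device, which is what makes a single government order to one party insufficient: the compelled party can sign, but the client still refuses the update until an unrelated party in another jurisdiction signs the same digest.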
