[jitsi-dev] Encrypted group conversations possible?


#1

This time just a question. Is it possible to have an encrypted group
conversation with Jitsi?

We are now officially recommending Jitsi at privacydefence.org (danish
website, don't expect to much traffic increase). My own testing in a
virtual environment showed that group conversations would only be
encrypted between the first two persons to call each other, but perhaps
I have not tested it thoroughly. Watching slide 4 from ClueCon that you
have just put online on jitsi.org shows a picture with a group
conversation where 4 people have established an encrypted connection.
As we currently state on privacydefence.org that Jitsi cannot encrypt
group conversations, perhaps we need to correct that statement?

If you have time, I will appreciate your comments. In any case, thank
you for your work and dedication with Jitsi, it is most appreciated.


#2

This time just a question. Is it possible to have an encrypted group
conversation with Jitsi?

If by "group conversation" you mean text chat: no.

We are now officially recommending Jitsi at privacydefence.org (danish
website, don't expect to much traffic increase). My own testing in a
virtual environment showed that group conversations would only be
encrypted between the first two persons to call each other, but perhaps
I have not tested it thoroughly. Watching slide 4 from ClueCon that you
have just put online on jitsi.org shows a picture with a group
conversation where 4 people have established an encrypted connection.

This slide shows an audio conference, which is indeed encrypted. All
participants of the conference get/send their audio from/to the conference
focus (the organizer) and have an encrypted session with him.

As we currently state on privacydefence.org that Jitsi cannot encrypt
group conversations, perhaps we need to correct that statement?

If you have time, I will appreciate your comments. In any case, thank
you for your work and dedication with Jitsi, it is most appreciated.

Thanks for your kind words!

Ingo


#3

This time just a question. Is it possible to have an encrypted group
conversation with Jitsi?

If by "group conversation" you mean text chat: no.

However, this might be coming later this year.

We are now officially recommending Jitsi at privacydefence.org (danish
website, don't expect to much traffic increase). My own testing in a
virtual environment showed that group conversations would only be
encrypted between the first two persons to call each other, but perhaps
I have not tested it thoroughly. Watching slide 4 from ClueCon that you
have just put online on jitsi.org shows a picture with a group
conversation where 4 people have established an encrypted connection.

This slide shows an audio conference, which is indeed encrypted. All
participants of the conference get/send their audio from/to the conference
focus (the organizer) and have an encrypted session with him.

As we currently state on privacydefence.org that Jitsi cannot encrypt
group conversations, perhaps we need to correct that statement?

If you have time, I will appreciate your comments. In any case, thank
you for your work and dedication with Jitsi, it is most appreciated.

Thanks for your kind words!

+1 :slight_smile:

Cheers,
Emil

···

On 27.08.13, 21:52, Ingo Bauersachs wrote:

--
https://jitsi.org


#4

Emil Ivov:

This time just a question. Is it possible to have an encrypted group
conversation with Jitsi?

If by "group conversation" you mean text chat: no.

However, this might be coming later this year.

Does an XEP exist for this? (Which one?)

Are these documents (still) relevant?

Requirements for End-to-End Encryption in the Extensible Messaging and
Presence Protocol (XMPP)
http://tools.ietf.org/html/draft-saintandre-xmpp-e2e-requirements-01

End-to-End Signing and Object Encryption for the Extensible Messaging
and Presence Protocol (XMPP)
RFC 3923
http://datatracker.ietf.org/doc/rfc3923/

XTLS: End-to-End Encryption for the Extensible Messaging and Presence
Protocol (XMPP) Using Transport Layer Security (TLS)
http://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption-02

Cheers,
Andreas


#5

Emil Ivov:

This time just a question. Is it possible to have an encrypted group
conversation with Jitsi?

If by "group conversation" you mean text chat: no.

However, this might be coming later this year.

Does an XEP exist for this? (Which one?)

I don't believe so. It is an OTR feature. We haven't looked into XMPP
specific ways of doing this.

Emil

···

On Wed, Aug 28, 2013 at 9:32 AM, Andreas Kuckartz <a.kuckartz@ping.de> wrote:

Are these documents (still) relevant?

Requirements for End-to-End Encryption in the Extensible Messaging and
Presence Protocol (XMPP)
http://tools.ietf.org/html/draft-saintandre-xmpp-e2e-requirements-01

End-to-End Signing and Object Encryption for the Extensible Messaging
and Presence Protocol (XMPP)
RFC 3923
http://datatracker.ietf.org/doc/rfc3923/

XTLS: End-to-End Encryption for the Extensible Messaging and Presence
Protocol (XMPP) Using Transport Layer Security (TLS)
http://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption-02

Cheers,
Andreas

--
Emil Ivov, Ph.D. 67000 Strasbourg,
Project Lead France
Jitsi
emcho@jitsi.org PHONE: +33.1.77.62.43.30
https://jitsi.org FAX: +33.1.77.62.47.31


#6

Emil Ivov:

Emil Ivov:

This time just a question. Is it possible to have an encrypted group
conversation with Jitsi?

If by "group conversation" you mean text chat: no.

However, this might be coming later this year.

Does an XEP exist for this? (Which one?)

I don't believe so. It is an OTR feature. We haven't looked into XMPP
specific ways of doing this.

So far group / multi-party chat does not seem to be a feature specified
for OTR, but I found this paper by Ian Goldberg et.al.:

Multi-party Off-the-Record Messaging
http://www.cypherpunks.ca/~iang/pubs/mpotr.pdf

Multi-party Off-the-Record Messaging
[three pages longer]
http://www.cacr.math.uwaterloo.ca/techreports/2009/cacr2009-27.pdf

Cheers,
Andreas

···

On Wed, Aug 28, 2013 at 9:32 AM, Andreas Kuckartz <a.kuckartz@ping.de> wrote: