GPG and OTR integration

domob
Posts: 1127
Joined: Mon Jun 24, 2013 11:27 am
Contact:

GPG and OTR integration

Post by domob »

Starting a new topic split off from https://dot-bit.org/forum/viewtopic.php?f=2&t=1004. The idea is to use namecoin identities to verify public keys in GPG and OTR messaging.

For GPG:

Since the keys are managed by GnuPG itself and things like Enigmail are layered on top, where do you think we could plug in the authentication best? Still for instance as patch to Enigmail with a new function "verify from namecoin"? It could work like this: I select the key if I already have it, choose "verify from namecoin" and enter the namecoin id I know this key should belong to. Then the key is signed if it matches the namecoin identity. Furthermore, one could also implement a "import from namecoin" function that also fetches a key given the URI in the namecoin identity. It would then display the GPG uid of the fetched key (so I can check it matches the name / email address I expect from the user) and allow me to sign the key if I like it. Do you think this all makes sense like that?

Further ideas: Since namecoin identities can also contain a name and/or email address, we could also check this against the GPG uid if applicable. The general problem I see with GPG verification is that the GPG key won't be imported as "id/domob" but still as "Daniel Kraft <d@domob.eu>", so even if the fingerprint is verified against the namecoin identity the user still needs to confirm he/she actually expects "id/domob" to show up as "Daniel Kraft" later on for GPG. That's not a big problem in my opinion (especially not for key exchange between people who know each other personally or at least online already), but I think it needs some thought.

For OTR:

Here similar things arise. When I verify that the OTR key of someone matches "id/domob", do I also want to verify that the XMPP address matches the one in "id/domob"? What do I do for a user with multiple OTR keys for different devices? What if there's no public XMPP record or OTR is used for a protocol different than OTR? So I think again matching an XMPP contact to a namecoin id has to be done manually. Thus I propose the following implementation:

Patch the Pidgin OTR plugin (because that's what I use :D), or maybe write another plugin, so allow a fourth verification option: "Verify by namecoin". If I choose this, instead of a shared secret I can enter an arbitrary id/ name which I know by other channels to be owned by my chat partner. Then the key is verified if this name matches the other's OTR key. As mentioned, I'm still responsible to manually connect my chat contact to an identity name, but that should be fine. What do you think about this suggestion? I think it may be quite easy to implement (once I work my way into Pidgin plugins).

AFAIK, there's not yet an "official" proposal for how to store OTR keys in identities. Since there's as mentioned the possibility to have multiple keys for different devices (or accounts with different protocols that are still owned by the same person), I suggest to add the field "otr" which can be either a string giving the fingerprint itself or an array of strings, where the verification succeeds if any element matches the key. Does that make sense? Do you think we should, especially in the latter case, somehow associate each key also to an account / XMPP resource? But I think that's not necessary - if I state that a list of keys is controlled by me, that I think it is safe for anyone to assume that every of those keys is acceptable to contact me. It doesn't matter to which chat account a key belongs.

UPDATE:

I've started work on integration for the Pidgin OTR plugin, with my code available from git on my server:

Code: Select all

git clone -b namecoin-verify https://git.domob.eu/pidgin-otr-nmc.git
Last edited by domob on Sun Aug 11, 2013 1:00 pm, edited 1 time in total.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

domob
Posts: 1127
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: GPG and OTR integration

Post by domob »

FYI: http://lists.cypherpunks.ca/pipermail/o ... 01779.html

I'm especially interested in OTR because I like and use it a lot myself. Having this possibility to verify identities would have made my life already easier when I initially set up the clients for my friends/family and myself.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

moa
Posts: 255
Joined: Mon May 23, 2011 6:13 am

Re: GPG and OTR integration

Post by moa »

Watching.

Random thoughts (may not be helpful):
For GPG, namecoin is conceptually somewhat like the look-up function of a 'distributed' key server ... without actually supplying the key. It is authenticating that the fingerprint of the key belongs to the human-readable id/name ...

domob
Posts: 1127
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: GPG and OTR integration

Post by domob »

For those interested, I've started a fork of the pidgin-otr plugin and just pushed my code to a public repository on my server:

Code: Select all

git clone -b namecoin-verify https://git.domob.eu/pidgin-otr-nmc.git
(Please forgive me if that does not work as it is the first time I tried setting up a public git repository, but it seemed to work for me. Let me know about any problems you have!)

So far it only contains a C/Glib version of the "same" connection code I've already written for Bitmessage and only tries to talk to namecoin with hard-coded connection settings when initialising the plugin (writing results to the debug log), but I hope to implement real fingerprint verification soon now the fundamentals are there. Stay tuned! :)

Note: My TLS certificate is signed by CAcert, so git may warn about that (I'm not sure how it does that, on my Debian system CAcert is trusted by default so I don't get to see the warning). You can use http instead of https also, if you want. (Official releases will be tagged and signed with my GPG key anyway.)
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

virtual_master
Posts: 541
Joined: Mon May 20, 2013 12:03 pm
Contact:

Re: GPG and OTR integration

Post by virtual_master »

Pidgin is my favorite communicator because its multiprotocol ability and availability on almost every operating system.
1.
If I have somebody on the contact list with XMPP protocol, then his XMPP address is there.
Wouldn't be best to check his XMPP address and find the Namecoin ID if exists ? (check Namecoin ID option)
I am also not sure if it is not to time intensive if there is no XMPP index but only a serial search.
Even if he has more identities or more OTR keys his XMPP address should be associated with only one ID. (at least logically)
By speaking with personA could appear results like this:

id/personA - XMPP and OTR match - actual
id/personB - XMPP and OTR doesn't match
Identity of the actual contact confirmed. (green)

id/personA - XMPP and OTR doesn't match - actual
id/personB - XMPP and OTR match
Identity of the actual contact NOT confirmed. (red)

no XMPP entry found (cannot be checked because no Namecoin ID) (yellow)

If it is matching then it doesn't matter by multiple OTR keys in the same ID which key is matching. Important is the authenticity of the person.
2.
If I am speaking with him on another protocol like Yahoo Messenger or Microsoft Network then I could check his YM address to Namecoin ID for OTR entry but that wouldn't be useful if he is using native YM or MSNP client which dosn't support OTR.
If he is using YM with pidgin and OTR then it could work but the combination doesn't have much sense so it is probably not used very often. I also use this protocol with persons who have only YM(but they all use native client so OTR not usable) .
3.
If I am speaking with him on another chat then I could introduce him on XMPP with his XPMM address and then check his XMPP OTR match on the Namecoin like in the point 1.
4.
If I am speaking with him on another chat then I could introduce his Namecoin ID which would add his XPMM address if exists. Here no matching check is necessary between OTR and XMPP because it was automatically introduced.
This point would need more changes in pidgin not just by the OTR so we could remain by point 1. for the beginning. It would be the easiest and must evident case.
http://namecoinia.org/
Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba | NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S

domob
Posts: 1127
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: GPG and OTR integration

Post by domob »

Not sure I understand your proposal correctly, so sorry if my reply misses your points. Do you mean that verification should find the namecoin identity name automatically based on associated XMPP accounts? This seems like an interesting idea, although I wouldn't want to "rely" on it. How do you prevent someone to create a fake name containing your XMPP address and the attacker's fingerprints? To be safe, I have to be sure you are indeed the owner of the namecoin identity I use for verification anyway - thus for now my plan is to simply allow to manually enter a namecoin identity name and have Pidgin verify the claimed fingerprint against the one stored with it.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

moa
Posts: 255
Joined: Mon May 23, 2011 6:13 am

Re: GPG and OTR integration

Post by moa »

domob: biolizard:

are you aware of the upcoming "payment protocol" that is being implemented for the bitcoin 0.9 satoshi client?

http://www.pcworld.com/article/2046182/ ... merce.html

It has crossed my mind earlier that the SSL comms they are going to be using will be vulnerable to the well-known compromised CA infrastructure.

I think it would be awesome if namecoin authentication or TLS could be used to secure the bitcoin payment protocol.

... as Gavin has said
Specifically, the payment requests will use X.509 certificates, which underpin SSL (Secure Sockets Layer), which encrypts data traffic between two parties.

While there are many weaknesses in SSL, "it's better than nothing," said Gavin Andresen, chief scientist for The Bitcoin Foundation and lead developer for the Bitcoin-QT client. If a better public key encryption scheme comes along, it can be swapped out in the payment protocol, he said.

"With Bitcoin, we are trying to get things right from the beginning so the payment process is as simple as it possibly can be and still completely secure," Andresen said.

The communication between a customer and company will be performed over SSL and will not be part of the so-called "blockchain," the public ledger that shows bitcoin transactions, Andresen said. The payment protocol will not touch the core code that drives Bitcoin's network.

domob
Posts: 1127
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: GPG and OTR integration

Post by domob »

moa wrote:domob: biolizard:

are you aware of the upcoming "payment protocol" that is being implemented for the bitcoin 0.9 satoshi client?
Yes, I heard about it. And as you point out, namecoin seems like a perfect solution (as for many other problems :D). Verifying the X.509 certificate as is done already with Convergence seems an idea, but even easier would be to just sign the payment request with the namecoin address holding the merchant's .bit domain - assuming vendors prefer to use .bit over traditional TLDs. ;) (Or by an address designated as "allowed signer" by the domain name's value field, see discussions in other threads.)
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: GPG and OTR integration

Post by phelix »

domob wrote:
moa wrote:domob: biolizard:

are you aware of the upcoming "payment protocol" that is being implemented for the bitcoin 0.9 satoshi client?
Yes, I heard about it. And as you point out, namecoin seems like a perfect solution (as for many other problems :D). Verifying the X.509 certificate as is done already with Convergence seems an idea, but even easier would be to just sign the payment request with the namecoin address holding the merchant's .bit domain - assuming vendors prefer to use .bit over traditional TLDs. ;) (Or by an address designated as "allowed signer" by the domain name's value field, see discussions in other threads.)
Almost scary how Namecoin is so superiour 8-)
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

moa
Posts: 255
Joined: Mon May 23, 2011 6:13 am

Re: GPG and OTR integration

Post by moa »

domob wrote:
moa wrote:domob: biolizard:

are you aware of the upcoming "payment protocol" that is being implemented for the bitcoin 0.9 satoshi client?
Yes, I heard about it. And as you point out, namecoin seems like a perfect solution (as for many other problems :D). Verifying the X.509 certificate as is done already with Convergence seems an idea, but even easier would be to just sign the payment request with the namecoin address holding the merchant's .bit domain - assuming vendors prefer to use .bit over traditional TLDs. ;) (Or by an address designated as "allowed signer" by the domain name's value field, see discussions in other threads.)
Hmmm, that would be an interesting simplification ... then it probably makes sense to look at the possibilities for using the shared bitcoin/namecoin private keys functionality .... e.g. the bitcoin address of the merchant being derived from same priv key as the namecoin address holding the .bit domain and signing the payment request.

Post Reply