Delete 'attacks.md'

This commit is contained in:
Sarah Jamie Lewis 2018-05-28 18:13:37 +00:00
parent e2a366a0b0
commit 808403ed1b
1 changed files with 0 additions and 49 deletions

View File

@ -1,49 +0,0 @@
# Attacks On Cwtch
## Server Censorship
Servers must keep things for as long as possible. This messes with bandwidth requirements, means syncing takes really long.
We could improve fetch to say something like...fetch messages sent within the last day to improve that.
We should already restrict length to 1kb.
Force servers to keep things forever? Have clients do checks? Is this potentially creating a bigger issue down the line?
This means that secure key rotation is essential! We can't just rely on kdf because the rotation rate is known. Send secret
salt on invite!
## Subgroup Attack
* Alice invites Bob and Carol to her Group
* Carol invites Eve to the group, pretending that she is the Owner.
* After some time passes Carol send Eve a group key update
* Carol can now selectively reencrypt messages from Alice and Bob to Carol under the new group key.
Defenses
--------
Eve rejects the initial group invitation because the signed group id doesn't match Carol
Carol can create a new group with all the sam parameters and sign it herself though.
However Carol will notice messages she can decrypt but are intended for another group, and if she tries to send
a message to the group, Alice and Bob will discover their group has been compromised.
## Key Rotation Attacks
* Alice invites Bob and Carol to a new Group
* Alice invites Eve
* Alice rotates the key (using a kdf), sends the new key to the Group
* Alice sends invite to Eve with new Key
Now there is a window where Bob and Carol send messages without receiving the new Key. There is also a possibility that
Bob or Carol miss the Key rotation message by being offline during the entire Server buffer period.
Alice should then technically rebroadcast the key rotation message, along with the iteration, until she received confirmation from Bob and Carol?
RotateKey, 1
AckRotateKey
Invite
mAckInvite