SimpLite MSN Encryption Discussion
Goto page 1, 2  Next  :||:
 Security Forums -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security
Author: NothingToHide PostPosted: Thu Mar 24, 2005 1:58 am    Post subject: SimpLite MSN Encryption Discussion
    ----
I was wondering if SimpLite has been discussed in its entirety around here, I looked all over the forums but only saw a mention of it in the IM Encryption topic, but no "review" of it by a respected member.

I scanned my network as it transmitted with Ethereal I couldnt seem to read the messages when sent with encrypted simplite msn, but Im still unsure.

Another question I have is Simplite accepts Keys from both users, so if hypotheticly your computer was seized and they got the keys on your computer, could they use the keys both computers to decrypt the garbled messages they had been monitoring?

Simplite does have a "Accept Only Once" feature for the keys but Im not sure if that would help.

Basicly Im just looking for a solid answer on Secways "Simp-Lite MSN", is it safe to use? Does it encrypt properly?

I apologize sincerely if this has been discussed already but I looked everywhere and did not see it. I also apologize sincerely for posting this in the wrong forums, im very very sorry.

Any input would be much appreciated,

-NothingToHide
Author: JustinTLocation: Asheville, NC, US / Uberlāndia, MG, Brazil PostPosted: Thu Mar 24, 2005 12:42 pm    Post subject: Nothing.
    ----
I took a brief look at their site, and the information the provide is extremely sparse, and disturbingly vague. The use RSA for authentication and AES or Twofish for encryption; they do not explain how they handle RSA, nor how keys are exchanged, in what mode AES and Twofish operate in, and so on and so forth. There are many subtle attacks that should be addressed, and without proper documentation to outline the implementation specifications, we can't tell if these subtle attacks are irrelevant or not. Also, they state, "AES (up to 128 bits)" - what is this supposed to mean? The AES specification defines Rijndael with a 128-bit block length; the smallest key length defined is 128-bit. "Up to" makes absolutely no sense. Perhaps it's a mistype.

I suppose, with traffic analysis, and other implementation-based scrutiny, you could dissect it and see what's going on, but when it comes to a cryptographic implementation, you shouldn't have to. Everything that is crucial to a proposed level of security should be explicitly defined and elaborated to the point where no clarifications are necessary. Unfortunately, this is rarely the case, since there are more non-cryptographers developing cryptographic software, than ever. There's not a whole lot you can deduce from what little they give. It may suffice, but I wouldn't expect much; their presentation is rather lacking, so this doesn't speak positively.

For what it's worth, it may do, but for anything in which cryptography is absolutely necessary, or where disclosure is of detrimental consequences, it would be in the best interest of anyone to refrain from using MSN Messenger as a correspondence medium. In other words, for the type of information folks should be discussing over MSN Messenger, this should suffice, provided it's not horribly insecure; even then, nothing discussed over MSN Messenger should be worth the effort. At this point, it's not just a matter of cryptographic factors, but also, any other non-cryptographic way in which MSN Messenger may mishandle information.

So, here's my reply, with the summary of, basically, there's nothing given by Secway that is sufficient enough to base a review upon, without actually dissecting the implementation. (I wonder if Segway gave up on scooters, swapped the "g" for a "c", and gave information security a go? I hope not!) Hehe.
Author: NothingToHide PostPosted: Thu Mar 24, 2005 1:28 pm    Post subject:
    ----
What would you say is the most secure IM messaging solution then JustinT?
Author: jansson_markusLocation: Finland PostPosted: Thu Mar 24, 2005 2:15 pm    Post subject:
    ----
NothingToHide wrote:
What would you say is the most secure IM messaging solution then JustinT?

Hushmessenger. Its based on OpenPGP and well documented. And easy to use.
Author: JustinTLocation: Asheville, NC, US / Uberlāndia, MG, Brazil PostPosted: Fri Mar 25, 2005 1:30 am    Post subject: I can only say a little.
    ----
I haven't analyzed any, extensively, to give a responsible answer, but by a cursory glance over documentation and presentation, Hush Messenger looks decent. Also, by the same criteria, SILC (i.e., SILC Gaim, et cetera), looks appealing. I especially appreciate their proper documentation and presentation efforts, that acknowledge certain cryptanalytical issues (i.e., man-in-the-middle attack on DH, integrity preservation via MAC, et cetera) that most fail to.

It uses HMAC, which is a plus; the use of a MAC should always stand out, since, albeit unfortunate, many have no idea what it is, or what it's for, and never will there come a day that I trust the cryptographic competence, or lack thereof, of a developer such as that. Either way, I cannot vouch for the soundness of either implementation, but all things considered, assuming they provide ample security, they seem to be two of the better choices for what they aim to provide. In other words, they attempt to implement decent infrastructures; whether they fail or not is a different story.
Author: comrade PostPosted: Fri Mar 25, 2005 5:13 am    Post subject:
    ----
jansson_markus wrote:

Hushmessenger. Its based on OpenPGP and well documented. And easy to use.


Quote:
Hush Messenger has been tested on Windows XP, 2000, and 98.


Smells like hush messenger loses on cross-platform compatibility.

As for trying to do anything vaguely secure on MSN messenger? Thats pretty much a joke, we can pretty much take a guess at the developers priority's when they were writing that.

OpenPGP over jabber is my preferred scheme.
Author: NothingToHide PostPosted: Sun Mar 27, 2005 5:33 am    Post subject:
    ----
Im really confused as how to setup OpenPGP or GNUPG with Jabber clients, someone in the instant messaging thread suggested Psi and GNU but for the life of me I couldnt figure out how to set it up. Could write a quick guide on how to setup Jabber/OpenPGP? I would really appreciate it comrade.
Author: comrade PostPosted: Sun Mar 27, 2005 3:20 pm    Post subject:
    ----
I can, but I imagine you use windows and since I doubt MS is going to give me a free copy of anything anytime soon I doubt a howto from me would be very useful.

Theres various docs around the place, though. You should be able to work it out pretty easily Wink:

http://www.gnupg.org/(en)/documentation/guides.html
http://psi.affinix.com/psi_docs/
http://psi.affinix.com/psi_docs/encryption.html

The JEP:
http://www.jabber.org/jeps/jep-0027.html


It's really not that hard, but imho alot of the time things in windows seem harder then normal (perhaps on account of no apt/portage?).
Author: MaverickMathematician PostPosted: Mon Apr 04, 2005 11:36 pm    Post subject: ProjectSCIM
    ----
Nobody has mentioned ProjectScim which utilises RSA encoding. The keys are not kept o nyour compue rso are not effected by new legistation in the UK which demands you to hand over your keys and keep you away from the police!

It is as secure as RSA and is free. Definitely worth a look...not many features admitadly but I like it.

Edit:

I didn't mention that the encoding is 1024 bits and is generated on logon.
www.projectscim.com

Moderator note: please don't double post, kindly use the edit button instead - capi
Author: dataLocation: India PostPosted: Tue Apr 05, 2005 8:55 am    Post subject:
    ----
hi Maverick,

Where are the RSA keys kept?
Author: MaverickMathematician PostPosted: Tue Apr 05, 2005 9:42 am    Post subject: Reply
    ----
The beauty of UK Citizens using Project SCIM technology is this: you do not maintain a public/private key pair. Every time you initiate the Project SCIM software a new key pair is generated and never told to you. The public key is sent to the server but the private key is not ever known by any other party. Sorry I did not notice the edit button!

Maverick
Author: comrade PostPosted: Tue Apr 05, 2005 1:50 pm    Post subject:
    ----
Hmmm, curious.

I recall a very similar app to this a few weeks/months ago, might be on /. if I could be bothered finding it.

Effectively it was the same idea, forget the key's at the end of each conversation.

They say on the site that MITM attacks arint a issue, though as far as I can see how can you be sure if everyone doesnt keep a set of signing keys that your talking to the right person? And if you cant be sure your talking to the right person, then whats to stop a MITM attack?
Author: MaverickMathematician PostPosted: Tue Apr 05, 2005 4:46 pm    Post subject:
    ----
To log in to the serve ryou must use a pasword. An dnow I have nothing more to say because my knowledge of computers is minimal!!

MITM (man in the middle attacks) thoguh I suppose might be stoped by this log in and the encryption however I have no idea and i home someone infinitely superior will tell me! and the community!!


Regards,

Maverick
Author: dataLocation: India PostPosted: Tue Apr 05, 2005 7:52 pm    Post subject:
    ----
hi,

Theorotically, it is impossible to prevent a man in the middle attack without a previously shared secret(keys), using classical cryptography.

Data.
Author: MaverickMathematician PostPosted: Tue Apr 05, 2005 7:56 pm    Post subject:
    ----
From someone who really doesn't yet understand this - is a way to share those keys by encrypting them at the end of the previous session?

i.e. I exchange keys with someone for the next day during a chat? Like when Nazi's used Enigma settings?

However I suppose you always have the trouble of choosing the first settings?

Am i close?! Confused

Hope somebody replies!
Author: mxbLocation: UK PostPosted: Tue Apr 05, 2005 8:11 pm    Post subject:
    ----
comrade wrote:
They say on the site that MITM attacks arint a issue, though as far as I can see how can you be sure if everyone doesnt keep a set of signing keys that your talking to the right person? And if you cant be sure your talking to the right person, then whats to stop a MITM attack?


Indeed, I remember thinking similar thoughts when I read that article (sorry, no link either).

The MSN instant messenger network all goes through Microsoft's servers, there is no direct client to client connectivity. This means that a simple log can record every conversation through their servers. On a positive note however, the other party to whom you are communicating does not know your IP address. However, the possible recording of conversations does make some people uneasy, hence the proliferation of encrypted chat.

From what I understand, all of these encryption schemes work by encrypting your text locally and formatting it into a message that will pass through the servers (uuencode or some other such ASCII based scheme I would imagine).

To implement a MITM attack on a asymmetric encryption scheme (e.g. RSA), you would have to masquerade as Microsoft's server to one of the parties and also have your own public / private key pair. A full description follows:

Network setup:

Alice - Connected to the fake MSN server
Bob - Connected to the real MSN server
Eve - The fake MSN server
Trent - The real MSN server (partially trusted I would imagine)

Method:

Alice and Bob communicate through MSN instant messenger, however they would like to keep their communications secret. Because of this they decide to use some instant messenger encryption software. Eve hears about this and decides she would like to read their messages.
Both Alice and Bob generate a public / private key pair. To communicate securely, they must know each others public keys. For Eve to understand what they are saying, she must insert herself between Alice and Bob, and masquerade herself as the other party to both of them. She does this by appearing as the real MSN server to Alice, perhaps by altering her hosts file on her computer (low cost), or intercepting the communications further upstream (high cost). Whatever data Eve receives from Alice, she relays to the real MSN server, so she appears 'invisible'.
When Alice and Bob want to communicate securely, then hit the secure button or whatever, and the public keys are transmitted across the connection. Because Eve is listening, she gains both Alice and Bobs public keys, and replaces them with her own [1]. Alice and Bob then encrypt to Eves public key. Eve then decrypts the messages, stores them, and then re-encrypts with either Alice or Bobs real key and forwards the message.
Eve can then gain a full transcript of the conversation, and Alice and Bob are none the wiser.

Assumptions:

[1] This would only work if Alice and Bob do not check the keys. If this is the first time they have received them, they would not know any better, and would probably trust Eve's replacement key. Good software should check the received keys against previously used keys for any alterations.

Notes:

Even if the software only used asymmetric encryption to transmit a 'once-used' password for symmetric encryption, it would still fall foul to this attack.


This was a quick description of how a MITM attack would work with the MSN instant messenger system. It has quite a few assumptions about the software used, but should give some good pointers on features you should be looking for.

Cheers,
Martin
Security Forums -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Goto page 1, 2  Next  :||:
Page 1 of 2

Powered by phpBB 2.0.x © 2001 phpBB Group