Add Conference Room Encryption
Brought to you by:
obobo
Menu
▾
▴
#18 Add Conference Room Encryption
open
nobody
None
3
2004-08-12
2004-08-03
Anonymous
No
The ability to initiate a conferece with several users who
have GAIM Encrypt installed and carry on an encrypted
conversation so that all the users could read and write. I
can think of two possible ways to facilitate this:
A) The sender would have to encrypt the message to
each person in the conference room
B) The first person who chats would have to create a
symmetric key that would be sent to all users using
public/private. Then all messages would have to be
encrypted and decrypted with the symmetric key.
Any other ideas on how to do this?
Logged In: YES
user_id=21203
I've thought about this a bit in the past, and think that
(B) would be the way to go. Distributing that symmetric key
(call it Ks) would be the difficulty.... When someone joins
the chat, does another client automatically send them the
key? If so, which client does? And what if Mallory joins
the channel for a second, gets the key, then leaves... he
still has the key, so he can listen in on his network
sniffer, so you probably want to regenerate the key when
someone leaves chat.
All in all, I think it's a pretty neat problem to solve
cleanly, but also a rather big effort, as it would be
completely different from the current encryption scheme. I
just don't have time to work on it now. Maybe if I get
fired, I'll have time to work on fun projects like that :)
Logged In: NO
They're both fairly standard ideas for encrypted broadcast
communication. Since AIM traffic is pretty low-bandwidth,
(A) would probably be fine, and presumably take less effort
to implement. However, large groups could cause problems.
I don't ever use the chat feature so I have no idea how
large the groups tend to get. The symmetric group key idea
is probably the right way to do it, but more of a pain to
implement.
Logged In: YES
user_id=21203
In the #gaim chat room on irc, there are frequently >100
people, so chat groups do get pretty big sometimes. Now,
why exactly you need encryption for a public forum like that
is another question :)
Logged In: YES
user_id=1451565
A friend of mine and I had thought about adding this
functionality to gaim-encryption. The solution we came up
with was neither A) nor B) but a third option.
The assumption that a chat room is either by invite or
public and thus you _want_ everyone in the room to be able
to hear but not eavesdroppers as the communication is
sent/received we though the most efficient way to solve this
problem would be to decrypt the message w/ your own private
key to be encrypted by all receivers in the room with your
public key to obtain the text.
It is analogous to digitally signing an email [according to
my limited knowledge] anyone with your public key can
decrypt the information [which is rather unsecure] but if
your only concern is encrypted network travel you should be
okay.