by sneak 4540 days ago
If your multiparty protocol is actually something you want scrutinized, why not follow the accepted model and make a C library reference implementation and release a research paper outlining the basis for your design decisions?

"Hey guys, here's the code, file some bugs for software that is of no use for you to spend time auditing" is pointless.

Adium has an incentive to read the libotr sources. Every user has a small incentive to read kernel sources.

Nobody has any meaningful incentives to read the cryptocat homebrew multiparty cryptosystem except the few you've paid to do so. This is cargo cult peer review; it looks like you're doing it but it doesn't actually yield the intended results.

PS: glad to see you switched to OTR for two party. You should have done that years ago, but at least you wised up in the end. Hopefully nobody got killed or tortured in the process.

It's true that we don't have a research paper per se for the multiparty protocol, but we do have a specification document [1] as well as implementations in Objective-C, Java and JavaScript. The specification, as well as the implementations, have received both professional audits (from cryptographers) and community audits. The reason we don't have a research paper published is simply because we're working on one right now — a redesign of the multiparty protocol based on OTR. We have cryptographers on board from various Canadian universities and are organizing an internal forum to get them to collaborate on this. We expect publishable results by June 2014.

Regarding OTR, we actually switched to that 16 months ago — it's not exactly like we recently wised up.

[1] https://github.com/cryptocat/cryptocat/wiki/Multiparty-Proto...

> as well as implementations in Objective-C, Java and JavaScript.

Factor the ObjC version out to plain C, and call into it from your Objective-C implementation. Make the plain C version the canonical version. (Things like Emscripten may be useful here for your JS use-case.) This is how libotr does it, and for good reason.

Then, others can use it, and perhaps you will get meaningful free auditing. What you're doing now probably won't attract that because unless your bug bounty is six figures, nobody competent will spend any significant amount of time auditing it because they have no incentive to do so.

Everything you've said in your comment is good advice. Once the paper I've mentioned is ready, we will have this kind of implementation.