SMP authentication

One problem with encrypted communication is that of authentication. When you start talking to someone, it’s easy to set up an encrypted channel between you and the contact. But it’s quite hard to know whether your channel goes directly to the other person, or if someone inbetween have managed to insert themselves in the communication, executing a person-in-the-middle attack. You can think about this as a person sitting inbetween you and your contact, and decrypting everything you say, reading it, and re-encrypting it for your contact - and the same in the opposite direction. This is a deep and fundemental problem in cryptography, and the best solution available to us is that of authenticating your contact. This can easily get a bit technical, but for now we will try to keep it light. More information about how to do the authentication can be found in the user manual, here.

Authentication is really the process of checking whether your cryptographic information for your contact is the correct one for that person. The best way to do this is to sit next to your contact and check that you have the same information on both sides. One way to do this is to use what’s called a fingerprint. The fingerprint is a number that uniquely identifies your cryptographic information, so if your contact has the same fingerprint as you, then you know that no-one is sitting inbetween. You will have to compare two fingerprints though - one for yourself, and one for your contact. In CoyIM, these fingerprints are long strings, composed of numbers and letters between A and F. The numbers are usually broken up into smaller groups, to make it a bit easier to read and manage. Just to give you an idea, a fingerprint for one of my accounts looke like this in CoyIM: 7B097059 6FB66BCF C4823540 DAD37B95 1818CB2D.

Comparing these kinds of strings are not very nice though - and it’s also easy to make small mistakes. For this reason, CoyIM also allows you to do authentication using a method called Socialist Millionaire Protocol. With this method, you can authenticate the other person if you both know a secret, or if you share a number of some kind. The important thing here is that you both know exactly the same secret, and that no other person can find it. You can also provide a hint, if you want. For example, a good secret might be “Which country did the food come from we ate the first time we met?”. The answer might be “Thailand”. The important thing is that your contact writes down exactly the same string as you do, so you need to be clear about that. But it still needs to be secret. However, it’s not like a password, where an attacker will have many chances of trying to break your security. What’s great about SMP is that you only have one try. But that can also sometimes make it more complicated to verify another person. One important warning: you should not say the secret in the chat window, since this is the channel we are trying to make secure. If we used this insecure channel to transmit the secret, that would defeat the purpose of trying to authenticate the person.

CoyIM also has a simplified version of SMP, where generate a six-digit number for you. If you have another reasonably secure way of sending this number to your contact, the process becomes very easy and streamlined. The important thing is that you authenticate your contact in some way before you actually trust the encryption. Sadly, this is the most complicated part of the process and it’s not an easy thing to solve. With CoyIM, we have tried to make the process as nice as possible, while still keeping security.