Sunday, September 18, 2016

RetroShare: scandal over the free communication!

Unbelievable!
One of RetroShare maintainers tried to close an issue about sustainable security with no resolving it!
This may only mean government reached it.

The original issue report is pretty simple:
To improve security RetroShare could provide automatic keys regeneration feature.
New key may be sent to friends automatically by secure connection with old key. 
Upon successfull recieving, new key may be used to communicate while old one still used to friends who have not it yet updated.
Would you see how much resistance it takes? Unbelievable. I can't believe some government reached RetroShare. I guess we need a fork. The final reporters reply follows:

You must be kidding me. You need to update key before it compromised. I hope I'll get enough motivation to make it compilable on macbook, but I bet this pull request is better place to start on this #498
Please, think about this issue. It contains information of how to make communication sustainably secure. Any reasonable assumption you can make. For example, current RSA-2048 best brute-forcing is about half-year. Lets update keys monthly. Send new keys with RetroShare emails. Lets keep in mind we send only public part. We cannot state this is insecure operation.
Sorry my post might consist some rudeness. This is definitely wanted ticket that moves RetroShare secure communication to the new level. This might not be closed without special attention of community/society. Any ticket might not be closed without understanding on my opinion.
I respect RetroShare and you guys who work on it. This is only really free secure communication solution for the moment. Bitcoin has such ability but its not specialized on this purpose.
RetroShare became an etalon of freedom in communication and people got attention on this. This might not be used insecurely or for disclosing secure personal information any more if it was. If someone would see this like me at the topic then fork appears quickly. The best idea is to keep goal of the project for sustainably secure communication.


But what is even MORE important!

...bla-bla-bla...here!:
 @cavebit did not get issuer but he noted about great security issue:

cool down
I am still waiting for answers of my question! #423 (comment)Post-quantum deCrypto needs Post-Quantum EnCryption!
I assume you talk about GPG-Key updating, right? these keys are only used for authentication.
re-creating all the time the keys for authentication is a nightmare. Already doing the initial making-friends is a mess and not that easy. to make this problem recurring and to need to re-friend the network all the time is not making it more secure.
Insist on pushing the default to 4k RSA GPG-Keys for the authentication. that would make a benefit. rotation of the GPG-Keys is not improving. (How often do you replace your GPG-Keys for your Mail Accounts atm? )
More interresting is this part: To add some forced ReKeying after n hours.
Increase the actual key which is used to encrypt. To replace the key after n hours to improve the PFS functionality.
https://github.com/RetroShare/RetroShare/blob/master/libretroshare/src/pqi/authssl.ccThis is not the GPG-Key.
Also these certificates are signed at best with SHA1 <-- https://github.com/RetroShare/RetroShare/blob/master/libretroshare/src/pqi/authssl.cc#L589Just to be clear, actually RetroShare connections are encrypted by OpenSSL TLSv1.2: DHE-RSA-AES256-GCM-SHA384 and not with GnuPG!!!
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit <-- should be increased already to 4k
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-GCM-SHA384
So before we start discussing the Keys for authentication after post-quantum crypto, we should increase security for today technology.

You know, multiple ciphering might have less security then single ciphering.

An issuer replies:
Thank you @cavebeat for pointing everyone to the DHE-RSA-AES256-GCM-SHA384 security problem.
I have dramatically good news to you.
Mr. Stolman have interested with this project a bit:
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
I will look for someone who can review Retroshare for me.
Please, be patient to issues shower that possible coming. Do not close any issue just if you want.

No comments:

Post a Comment