2. XMPP
• Almost 10 years old
• IETF standard (RFC 3920 RFC 3921)
• More than 100 extensions
• Started as Jabber: XMPP is the protocol
powering Jabber Instant Messaging Network
3. Who’s using XMPP
• GTalk, Facebook (not completely
implemented)
• Jabber.TLD
• Yahoo! (the Video conference site)
• AIM (private interconnects)
• US DoD (big BIG users), UK Armed Forces
bla..bla...
4. What’s XMPP
• XML Streams: send small XML messages
• Simple building blocks
• Extensible: add your stuff, no need to ask
permission
• Federated
5. Guess what’s in your record?
<message
to='romeo@example.net'
from='juliet@example.com'
type='chat'
xml:lang='en'>
<body>Wherefore art thou, Romeo?</body>
<body xml:lang='cz'>PročeŽ jsi ty, Romeo?</body>
</message>
8. OTR brings...
• Forward secrecy
short-live key for messaging
long-term key for authentication
• Repudiable authentication - forgeability
do not want digital signatures
do want authentication
9. Socialist millionaire
In cryptography, the
socialist millionaire
problem is one in which
two millionaires want to
determine if their wealth
is equal without
disclosing any
information about their
riches to each other.