> A malicious server can trick the client into using the same key while talking to the server during the initial registration protocol and while talking to other users in the E2E protocol.
this is bad
> we show that the attacker can trick a user into creating a valid vouch box and sending it to the attacker. This allows the attacker to impersonate the client to the server forever.
This attack means that, under some circumstances, a user might compromise his or her own account by simply sending a message to another user.
The title of this submission is editorialized and misleading. @dang, please change to the original title "Three Lessons from Threema -- Analysis of a Secure Messenger".
I would argue that it is not misleading -- the website domain is, after all, "breakingthe3ma.app".
The title of the paper presents a more academic angle, and is intended to highlight what the "learned lessons" are, but let's not forget that Threema was vulnerable to our attacks for 10+ years.
intuxikated|3 years ago
this is bad
> we show that the attacker can trick a user into creating a valid vouch box and sending it to the attacker. This allows the attacker to impersonate the client to the server forever.
This attack means that, under some circumstances, a user might compromise his or her own account by simply sending a message to another user.
Yikes
tmalsburg2|3 years ago
winterdeaf|3 years ago
The title of the paper presents a more academic angle, and is intended to highlight what the "learned lessons" are, but let's not forget that Threema was vulnerable to our attacks for 10+ years.