I’m aware that Session has been discussed twice before on this community, but the last thread was 6 months old so excuse my starting a new one.

There’s one big concern I wanted to bring up, which is the disagreements over whether it has forward secrecy. The spec says it does, but I’ve found two other sources saying it doesn’t:

https://restoreprivacy.com/secure-encrypted-messaging-apps/session/ (search for “Perfect Forward Secrecy removed”) https://www.securemessagingapps.com

Why are they saying this? Is there a critical caveat to Session’s forward secrecy (does it not have it in closed groups?), or are both sources just wrong?

(I’ve also heard one source say its closed groups are limited to 10 members which would be a showstopper for me and another source say they’re limited to 100 and the spec says 500 so i don’t know what to believe.)

I’m also concerned about it being built on top of a blockchain and cryptocurrency, not because I’m suspicious of cryptocurrency in general but because I find it difficult to understand, and because that it costs thousands of dollars to run a Session node seems to me like the network is bound to be owned exclusively by a few rich companies and investors. Is it? Is there a place I can see who owns how much of it, particularly how much is owned by the Oxen developers?

UPDATE: I believe I’ve just learned that Sesison DOES NOT have forward secrecy or deniability; the whitepaper linked on their CURRENT website is outdated. https://getsession.org/blog/session-protocol-technical-information

  • Lynda@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    3 years ago

    It’s my understanding Session doesn’t do PFS because in order to do that kind of attack the attacker would need to have access to the device. And if the attacker has access to the device, then PFS isn’t going to be a benefit.

    I don’t understand why apps/messengers have a relationship with blockchain/cryptocurrency either. (so I am guessing). I’m not sure cryptocurrencies are really blockchains, and blockchains are really just protocols, and messengers are using the protocol. Sometimes blockchains sounds like a method/protocol for storing data in a distributed network.

    Or perhaps saying it this way: you can do multiple things with a blockchain, and cryptocurrency is just one of those things. So if an app/platform is going to use a blockchain, they can easily leverage the blockchain protocol for other things (currency, storage, transactions, messages, distributed apps, etc).

    • Yujiri@lemmy.mlOP
      link
      fedilink
      arrow-up
      0
      ·
      3 years ago

      Damn. If Session really doesn’t do PFS then I definitely won’t be telling my friends to switch away from Matrix for it. It’s true that PFS only matters if the attacker compromises a private key, but it is a really important property that a key or device compromise at some point doesn’t comrpomise all previous messages.

      Latacora’s takedown of PGP has a good explanation of why this is so important:

      In modern cryptography engineering, we assume our adversary is recording everything, into infinite storage. PGP’s claimed adversaries include world governments, many of whom are certainly doing exactly that. Against serious adversaries and without forward secrecy, breaches are a question of “when”, not “if”.

      But if it’s true that Session doesn’t do PFS, then why does the spec say it does? Can someone tag a developer?

      • Yujiri@lemmy.mlOP
        link
        fedilink
        arrow-up
        0
        ·
        3 years ago

        @KeeJef@lemmy.eus seems to be the CTO of Session based on other threads