Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MSC3963: Oblivious Matrix over HTTPS #3963

Open
wants to merge 15 commits into
base: main
Choose a base branch
from
Open

MSC3963: Oblivious Matrix over HTTPS #3963

wants to merge 15 commits into from

Conversation

ghost-amnesiac
Copy link

@ghost-amnesiac ghost-amnesiac commented Feb 3, 2023
edited
Loading

Strong, extensible, and minimal configuration user anonymization through diversity of the Matrix homeserver federation.

From: shadesys <@shadesys:matrix.org>
Signed-off-by: shadesys <@shadesys:matrix.org>
Co-developed-by: ghost-amnesiac 123417798+ghost-amnesiac@users.noreply.github.com
Signed-off-by: ghost-amnesiac 123417798+ghost-amnesiac@users.noreply.github.com

Rendered

@ghost-amnesiac
Draft MSC3963: Oblivious Matrix over HTTPS
12a0608 
Strong, extensible, and minimal configuration user anonymization
through diversity of the Matrix homeserver federation.

Proudly written in nano.

From: shadesys <@shadesys:matrix.org>
Signed-off-by: shadesys <@shadesys:matrix.org>
Co-developed-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@turt2live turt2live added proposal A matrix spec change proposal client-server Client-Server API kind:feature MSC for not-core and not-maintenance stuff needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. labels Feb 3, 2023
shadesys and others added 3 commits February 3, 2023 20:52
@ghost-amnesiac
Final Draft 1 MSC3957: Oblivious Matrix over HTTPS
a045344 
+ Added "API Endpoint Whitelisting/Blacklisting"
+ Added "Extensions: 'Hidden Service' Homeservers"
+ Added "Extensions: Store And Forward"
* Miscellaneous corrections
* Fixed non-standard Markdown tables

From: shadesys <@shadesys:matrix.org>
Signed-off-by: shadesys <@shadesys:matrix.org>
Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Final Draft 2 MSC3957: Oblivious Matrix over HTTPS
0d3c307 
* More minor corrections for formatting issues that slipped through

Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Final Draft 3 MSC3957: Oblivious Matrix over HTTPS
61fe37e 
* Fixed incomplete bit in "Rotating Ephemeral Public Key".
  Hopefully this is the last correction before reviews

Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac ghost-amnesiac marked this pull request as ready for review February 3, 2023 20:23
ghost-amnesiac and others added 4 commits February 4, 2023 23:52
@ghost-amnesiac
Final Draft 4 MSC3957: Oblivious Matrix over HTTPS
a48fe01 
+ Specified /incoming response Content-Type
+ Add encryption scheme payload sanity check
* Moved /relay "200 Response (Plaintext)" to /incoming
* Reduced encryption scheme padding range from 40-FF to 10-40 to minimize 
  message overhead
* Increased encryption scheme header L parameter size from 8 to 10 bytes so that 
  users can upload more than 16 megabytes at once (now 1 gigabyte)
* All hexadecimal values should now be proper hex values
* Minor corrections

Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Amend a48fe01
b7db1c8 
* Updated encryption blob sanity check to actually use new 1 GB

Signed-off-by: ghost-amnesia <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Amend b7db1c8
abcd360 
* Update all the hex offsets to use the new L length

Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Final Draft 5 MSC3963: Oblivious Matrix over HTTPS
0bce812 
* Finally renamed the file from 3957 to 3963, sorry about any
  confusion that may have caused
* Disambiguate language in threat models, encryption scheme, and
  tidbits about base64
+ Added encryption padding spec
+ Added base64 encoding overhead to DPI Fingerprinting Resistance

From: shadesys <@shadesys:matrix.org>
Signed-off-by: shadesys <@shadesys:matrix.org>
Co-developed-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Copy link
Author

Commits a48fe01, 61fe37e, 0d3c307, and a045344, as well as the document filename in abcd360 and before incorrectly refer to "MSC3957" which should have been "MSC3963". Sorry about that!

@ghost-amnesiac
Amend 0bce812
ea747ed 
* Replaced erroneous use of "3962", mainly in Unstable Prefix

Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Amend ea747ed
318f831 
* Corrected /.well-known/matrix/moh spec "-relay" postfix to
  "-relay-only"
@ghost-amnesiac
Amend 318f831
9bb9976 
* Corrected size of L in table from 8 to 10

Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Copy link
Author

ghost-amnesiac commented Feb 25, 2023
edited
Loading

There might be some additional security nuances associated with using RSA without DHKE, specifically surrounding how to pad the RSA-encrypted header to protect against chosen plaintext attacks (since standard RSA doesn't use an IV). MSC3963 is going back to draft status until we can look into them further.

@ghost-amnesiac ghost-amnesiac marked this pull request as draft February 25, 2023 09:04
shadesys and others added 2 commits March 3, 2023 20:36
@ghost-amnesiac
Final Draft 6 MSC3963: Oblivious Matrix over HTTPS
6acd071 
+ Added "On P2P Matrix / Pinecone"
* Fully refactored encryption scheme header standard to reduce
  size overhead
* Placeholder API version changed from "r0" to "v1"
* Minor formatting corrections

From: shadesys <@shadesys:matrix.org>
Signed-off-by: shadesys <@shadesys:matrix.org>
Co-developed-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac @richvdh
Amend 6acd071
cfc78dd 
* Fix typo in Deanonymization Threat Modelling

From: richvdh

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
@ghost-amnesiac ghost-amnesiac marked this pull request as ready for review March 3, 2023 20:19
@ghost-amnesiac
Amend cfc78dd
aab8cd1 
* Updated outdated encryption schema references in protocol
  diagram

Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>
@ghost-amnesiac
Final Draft 7 MSC3963: Oblivious Matrix over HTTPS
d4894e3 
From: shadesys <@shadesys:matrix.org>
Signed-off-by: shadesys <@shadesys:matrix.org>
Signed-off-by: ghost-amnesiac <123417798+ghost-amnesiac@users.noreply.github.com>

* Committing some old, backed-up updates to the "Proposal" usage flow.
  It should now properly use the new encryption scheme and no longer
  contradict itself in various places due to bits that remained from
  when the encryption scheme was centered around the remote HS TLS cert.
* Minor language tweaks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@richvdh richvdh richvdh left review comments

Assignees
No one assigned
Labels
client-server Client-Server API kind:feature MSC for not-core and not-maintenance stuff needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. proposal A matrix spec change proposal
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ghost-amnesiac @richvdh @turt2live