After the arrest of Pavel Durov, I wanted to move from Telegram to something end-to-end encrypted. I know Signal is pretty good, but I think it is better to have our messages in my own server.

I have already looked in XMPP, but it required SSL certs and I did not have the mood to configure them.

Do you know any other selfhosted messaging service for a group of 4-5 friends, or an easy way to configure an XMPP server? Or shall I use Signal after all (I don’t really care that much about being selfhosted, I just thought it would be more privacy friendly)?

UPDATE: I managed to set up an XMPP server using prosody with the SSL certs. We have been testing it with my friend and it seems to go well.

  • tal
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    3 months ago

    I have already looked in XMPP, but it required SSL certs and I did not have the mood to configure them.

    There are definitely XMPP clients that do end-to-end encryption that do not rely on TLS for key exchange, though.

    https://en.wikipedia.org/wiki/Off_the_record_messaging

    Off-the-record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption.

    The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing. This is in contrast with cryptography tools that produce output which can be later used as a verifiable record of the communication event and the identities of the participants. The initial introductory paper was named “Off-the-Record Communication, or, Why Not To Use PGP”.[1]

    I’ve used Pidgin with the libOTR plugin that implements that protocol.

    • czan@aussie.zone
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      3 months ago

      These days I think OMEMO is a better choice than OTR, if your client supports it.