Threema: Are received messages exposed, when sender’s private key gets compromised?

Note: This question is specific to the Threema Messenger, and relates to their implementation of encryption (using the NaCl ECDH implementation as per their docs).

I refer specifically to their “note on outgoing messages” in their validation document on their website:

It may seem strange that outgoing messages can be decrypted by entering the sender’s private key and the recipient’s public key, i.e. without knowing the recipient’s private key. …

Now, consider this scenario:

  • Alice has received a message from Bob, while Eve records/intercepts traffic as person-in-the-middle on the way to Alice.
  • Alice’s public key of course is public, but Alice never disclosed the private key.
  • Eve somehow gets the private key of Bob.

With Bob’s key and the traffic, could Eve now decrypt all content Bob has ever sent to Alice?

In other words, with Threema, is the privacy of received content dependent on the safety of the private key of the SENDER?

Which messages are included in (D)TLS Finished message’s verify_data field for session resumption

RFC 5246, section 7.4.9 (https://tools.ietf.org/html/rfc5246#section-7.4.9) states which messages are included in the PRF computation for the Finished message’s verify_data.

It is clear for a ‘regular’ (initial) handshake.

But assume that the client wants to resume the DTLS session:

The client sends a ClientHello with the previous SessionID field.
The server responds with ServerHello, sends ChangeCipherSpec (not included in the verify_data computation) and Finished.

Which messages should be included in the verify_data computation for the Finished message sent by the server?
A. Only the most recent (resuming) ClientHello and ServerHello?
B. The most recent (resuming) ClientHello and ServerHello plus the previous (initial, in our example) handshake messages?

Originally asked at https://crypto.stackexchange.com/questions/77016/which-messages-are-included-in-dtls-finished-messages-verify-data-field-for-s but I’m unsure which forum it belongs to.
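How verify_data is built, as an added example that is not from the question or any TLS library. RFC 5246 section 7.4.9 defines handshake_messages as all handshake messages of the handshake in progress (HelloRequest excluded, record headers excluded), so on an abbreviated handshake the server’s Finished hashes only the new ClientHello and ServerHello, the client’s Finished additionally hashes the server’s Finished, and ChangeCipherSpec, which is not a handshake message, is never in the hash. For DTLS, RFC 6347 section 4.2.6 hashes each message with its DTLS handshake header as if it had been sent as a single fragment, and excludes the initial ClientHello and HelloVerifyRequest when the cookie exchange is used. The message bodies and master secret below are constructed placeholders; `resumption_finished` is a name assumed here.

```python
# Added example: TLS 1.2 PRF and Finished.verify_data for an abbreviated
# (resumed) DTLS handshake.  Not from the question or any TLS implementation.
import hashlib
import hmac

VERIFY_DATA_LEN = 12          # RFC 5246 default verify_data_length


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data expansion, RFC 5246 section 5."""
    out, a = b"", seed                                     # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()   # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def dtls_handshake(msg_type: int, message_seq: int, body: bytes) -> bytes:
    """DTLS Handshake header (type, length, message_seq, fragment_offset,
    fragment_length) + body as one unfragmented message, the form RFC 6347
    says to feed into the Finished MAC."""
    n = len(body)
    return (bytes([msg_type]) + n.to_bytes(3, "big")
            + message_seq.to_bytes(2, "big") + (0).to_bytes(3, "big")
            + n.to_bytes(3, "big") + body)


def verify_data(master_secret: bytes, label: bytes, handshake_messages: bytes) -> bytes:
    """verify_data = PRF(master_secret, label, Hash(handshake_messages))[0..11]."""
    transcript_hash = hashlib.sha256(handshake_messages).digest()
    return prf(master_secret, label, transcript_hash, VERIFY_DATA_LEN)


# Constructed inputs; real bodies would be full ClientHello/ServerHello structs.
MASTER_SECRET = bytes(range(48))
INITIAL_HANDSHAKE = (dtls_handshake(1, 0, b"initial ClientHello")
                     + dtls_handshake(2, 0, b"initial ServerHello")
                     + b"...remaining initial handshake messages...")
RESUME_CH = dtls_handshake(1, 0, b"resuming ClientHello with SessionID")  # message_seq restarts at 0
RESUME_SH = dtls_handshake(2, 0, b"ServerHello echoing the SessionID")


def resumption_finished(master_secret: bytes, client_hello: bytes, server_hello: bytes):
    """Return (server_verify_data, client_verify_data) for an abbreviated handshake.
    Only the messages of THIS handshake are hashed; INITIAL_HANDSHAKE is not."""
    transcript = client_hello + server_hello
    server_vd = verify_data(master_secret, b"server finished", transcript)
    # The server's Finished is itself a handshake message (type 20, seq 1),
    # so the client's transcript includes it; CCS is not a handshake message.
    transcript += dtls_handshake(20, 1, server_vd)
    client_vd = verify_data(master_secret, b"client finished", transcript)
    return server_vd, client_vd


if __name__ == "__main__":
    s, c = resumption_finished(MASTER_SECRET, RESUME_CH, RESUME_SH)
    print("server verify_data:", s.hex())
    print("client verify_data:", c.hex())
```

For plain TLS, drop the message_seq/fragment fields from `dtls_handshake` (the header is then type plus 3-byte length) and the rest is unchanged.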

Error messages generated in a table calculation prevent “good” elements of that table being accessed

If I make a batch fitting routine, something like:

    FitResultsData = Table[
      SpectrumData = Import[SpectrumList[[i]]];
      SpectrumFit = NonlinearModelFit[SpectrumData, Model, {a, b, c}, x];
      aFitOut = a /. SpectrumFit["BestFitParameters"];
      bFitOut = b /. SpectrumFit["BestFitParameters"];
      cFitOut = c /. SpectrumFit["BestFitParameters"];
      {i, aFitOut, bFitOut, cFitOut},
      {i, 1, Length[SpectrumList]}
    ]

and a fit fails completely, e.g. I get a Power::infy: Infinite expression 1/0.^2 encountered. error or something, I find that when it comes to going on to use FitResultsData after the whole Table[..] has finished fitting and executing, no matter which row I select, for example FitResultsData[[1]], the error Power::infy: Infinite expression 1/0.^2 encountered. will be returned. This happens even if, say, the original source of the error was in spectrum i = 99.

Is there a method of escaping such errors, such that even though one spectrum fit might be bad, it doesn’t stop me accessing the 99% successful?

Move form validation error messages to top of page

When a user registers on our site (using Ultimate Member plugin, but I think it’s a generic issue) and the form doesn’t validate, it reloads the page with an error message right down the bottom, where users don’t see it, and they assume the form submitted correctly. This seems like a crazy choice! Is there a way to move the error message to the TOP of the page, so it’s more obvious when the form submit fails?? Or scroll the page to the bottom when it loads? Thanks so much! Julie

Does Google’s Messages for Web store text messages on a server?

Does anyone know if Messages for Web actually stores (either permanently or intermittently) any text messages on Google or third party servers? Is it only messages viewed, or all messages in a thread or all messages period? It seems reasonable to assume that for the service to work the messages must go through a server owned by Google at some point.

Is there a difference between editing HTTP messages manually or with burp for example? (WebGoat HTTP intercept exercise “problem”)

I am diving now into WebGoat; there’s this little exercise in the “general” tab called “http proxies” which asks you to use ZAP/Burp to intercept and modify a request. This is what we are being asked to do:


I understood what we are being asked to do, but I don’t understand why, if I change it manually, it doesn’t work, whereas if I use the Burp button “change request method” it does, as it’s the same text in the end. Am I missing something?

This is the original request:

And here it is after I modify it with the button:

The only difference is that I write that GET string manually and then add the ?changeMe=Requests+are+tampered+easily. I don’t understand why it won’t work and it’s driving me nuts.

Oh, and another thing: if I enter the x-request-intercepted:true below Cookie it sometimes won’t work. Is it being considered body, or what? (There isn’t a line break.)
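Where a hand-edited request can differ in bytes from the one a proxy button produces, as an added example that is not WebGoat’s code. A raw HTTP/1.1 request has a fixed grammar: each header line ends in CRLF, the header block ends with an empty line, and turning a POST into a GET means the form parameters move into the query string while Content-Type and Content-Length disappear. The `changeMe` parameter and `x-request-intercepted` header come from the question; the request target, cookie value and the server-side check in `passes_exercise` are constructed assumptions of what the exercise sends and checks, not WebGoat’s actual logic.

```python
# Added example, not WebGoat's code: parse three versions of the request
# described in the question and show which ones carry what the exercise asks
# for.  Request target, Host and cookie value are constructed.
from urllib.parse import parse_qs, urlsplit


def parse_request(raw: bytes) -> dict:
    """Minimal HTTP/1.1 parser: request line, headers (names lowercased), body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    method, target, version = lines[0].decode().split(" ")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.decode().partition(":")
        headers[name.strip().lower()] = value.strip()
    query = parse_qs(urlsplit(target).query)   # parse_qs turns '+' into spaces
    return {"method": method, "target": target, "version": version,
            "headers": headers, "query": query, "body": body}


# The request as a proxy's "change request method" button rewrites it:
# parameter in the query string, body-related headers gone, new header on
# its own CRLF-terminated line.
GET_OK = (b"GET /WebGoat/HttpProxies/intercept-request?changeMe=Requests+are+tampered+easily HTTP/1.1\r\n"
          b"Host: localhost:8080\r\n"
          b"Cookie: JSESSIONID=constructed\r\n"
          b"x-request-intercepted: true\r\n"
          b"\r\n")

# Hand edit that types the new header right after the Cookie value without a
# line break: it is not a header at all, it is part of the Cookie value.
GET_NO_NEWLINE = (b"GET /WebGoat/HttpProxies/intercept-request?changeMe=Requests+are+tampered+easily HTTP/1.1\r\n"
                  b"Host: localhost:8080\r\n"
                  b"Cookie: JSESSIONID=constructed x-request-intercepted:true\r\n"
                  b"\r\n")

# Hand edit that changed POST to GET but left the form body and its
# Content-Length behind; the parameter never reaches the query string.
GET_BODY_LEFT = (b"GET /WebGoat/HttpProxies/intercept-request HTTP/1.1\r\n"
                 b"Host: localhost:8080\r\n"
                 b"Content-Type: application/x-www-form-urlencoded\r\n"
                 b"Content-Length: 37\r\n"
                 b"x-request-intercepted: true\r\n"
                 b"\r\n"
                 b"changeMe=Requests+are+tampered+easily")


def passes_exercise(raw: bytes) -> bool:
    """Assumed server-side check: GET, the parameter in the query string, and
    the header present as a real header (not WebGoat's actual code)."""
    req = parse_request(raw)
    return (req["method"] == "GET"
            and req["query"].get("changeMe") == ["Requests are tampered easily"]
            and req["headers"].get("x-request-intercepted") == "true")


if __name__ == "__main__":
    for name, raw in [("button", GET_OK), ("no newline", GET_NO_NEWLINE), ("body left", GET_BODY_LEFT)]:
        print(f"{name:>10}: passes={passes_exercise(raw)} headers={parse_request(raw)['headers']}")
```

Comparing the two requests byte by byte in the proxy’s hex view (not the rendered text) is the quickest way to find which of these differences applies in a given case.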

How can I get all messages from a user without looping over the entire table?

I have a database with many Users and many many Messages, each with a single User sender and a single User recipient. I want to get all messages sent by John from my MySQL table with a low lagtime. He has only ever sent 20 messages, but the total messages sent by the database amount to a full 20,000,000. How can I quickly pull John’s sent messages?

I have tried:

SELECT * FROM Messages WHERE name = 'John'; 

which times out.

I am considering making Views for every username, so I can just SELECT * FROM JohnView;. This would presumably be satisfactory time-wise, but I don’t want to make unique views for all 500,000 users. Is there a way to pre-sort a table by name so I can binary search for all messages from any individual user?
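The “pre-sorted table you can binary search” is exactly what a B-tree index on the sender column provides, shown as an added example that is not the asker’s schema. The standard-library sqlite3 module stands in for MySQL here (the same `CREATE INDEX` applies there); table and column names are constructed to match the question, and `demo` is a name assumed for this example.

```python
# Added example, not the asker's code: a full scan versus an index seek on a
# Messages table filtered by sender.  sqlite3 used in place of MySQL.
import sqlite3


def build_db(n_users: int = 1000, msgs_per_user: int = 20) -> sqlite3.Connection:
    """Constructed data: n_users senders with msgs_per_user messages each."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE Messages (id INTEGER PRIMARY KEY, sender TEXT, "
                "recipient TEXT, body TEXT)")
    rows = ((f"user{i % n_users}", f"user{(i * 7) % n_users}", "hi")
            for i in range(n_users * msgs_per_user))
    con.executemany("INSERT INTO Messages (sender, recipient, body) VALUES (?, ?, ?)", rows)
    con.commit()
    return con


def query_plan(con: sqlite3.Connection, sql: str, params=()) -> str:
    """Planner output; the last column of each row is the human-readable detail."""
    return " | ".join(row[3] for row in con.execute("EXPLAIN QUERY PLAN " + sql, params))


SQL = "SELECT * FROM Messages WHERE sender = ?"


def demo():
    """Return (plan before index, plan after index, row count for one user)."""
    con = build_db()
    before = query_plan(con, SQL, ("user42",))       # full table scan
    con.execute("CREATE INDEX idx_messages_sender ON Messages (sender)")
    after = query_plan(con, SQL, ("user42",))        # seek via the index
    n = con.execute("SELECT COUNT(*) FROM Messages WHERE sender = ?", ("user42",)).fetchone()[0]
    return before, after, n


if __name__ == "__main__":
    before, after, n = demo()
    print("before:", before)
    print("after: ", after)
    print("rows for user42:", n)
```

One index serves all 500,000 users, which is what the per-user views were trying to achieve; if the usual query is also ordered by time, a composite index on (sender, sent_at) lets the engine read the rows already sorted.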

Forward secrecy (plausible deniability) and storing messages

How do messengers like Signal or XMPP OMEMO messengers store their messages? Since the session key is only valid for the current session, how can extensions like MAM (message archiving on the XMPP server) or storing the messages encrypted on disk work? Further, you often want plausible deniability with malleable encryption and publishing your MAC keys. If this happens, how can you be sure that integrity and authentication are still valid?
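Why publishing a retired MAC key (the OTR-style deniability the question mentions) does not undo the integrity check, as an added example that is not Signal’s or any OMEMO implementation’s code: the recipient verifies the tag at delivery time, while the key is still known only to the two peers, so a forgery made after publication never went through that check, even though the transcript afterwards proves nothing about who wrote it. The ciphertext and the `Session` class are constructed for this example.

```python
# Added example, not from Signal or any OMEMO implementation: MAC-key
# publication breaks attribution of the transcript, not the check that
# already happened at delivery.  Ciphertext and session object are constructed.
import hashlib
import hmac
import os


def tag(mac_key: bytes, ciphertext: bytes) -> bytes:
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()


def receive(mac_key: bytes, ciphertext: bytes, t: bytes) -> bool:
    """Recipient's check, done at delivery time with the still-secret key."""
    return hmac.compare_digest(tag(mac_key, ciphertext), t)


class Session:
    """One direction of a session: a MAC key shared by the two peers, revealed later."""

    def __init__(self):
        self.mac_key = os.urandom(32)
        self.revealed = None

    def reveal(self) -> bytes:
        """Publish the key once it is retired so anyone can produce valid tags."""
        self.revealed = self.mac_key
        return self.revealed


def run_scenario():
    """Return (accepted_on_delivery, forged_before_reveal, forged_after_reveal)."""
    s = Session()
    msg = b"constructed ciphertext bytes"
    t = tag(s.mac_key, msg)
    accepted_on_delivery = receive(s.mac_key, msg, t)          # genuine message

    # Eve tampers while the key is secret: without it her tag cannot verify.
    forged_before = receive(s.mac_key, b"tampered", tag(os.urandom(32), b"tampered"))

    # Key published: Eve now produces a tag that verifies, so the transcript
    # no longer proves authorship (deniability) ...
    k = s.reveal()
    forged_after = receive(k, b"tampered", tag(k, b"tampered"))
    # ... but the delivery-time result above was computed before that and stands.
    return accepted_on_delivery, forged_before, forged_after


if __name__ == "__main__":
    print(run_scenario())
```

The same ordering argument is why the published key must be one that neither side will accept again: once revealed, it authenticates nothing for future messages.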