Jurre van Bergen: > > *OTR* > OTR support comes from the Go crypto package: > https://code.google.com/p/go.crypto/ > This library only has support for OTRv2 and not the latest OTRv3 > specification. If we want to be resistant to several attacks[1] on the > OTR protocol, we need to reimplement the OTR protocol and update it to > the latest version or, we use Cgo, which binds into libotr. (Open > questions: OTR by default?, ) > > [1] > http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.7945&rep=rep1&type=pdf According to agl: "The DH and DSA code uses Go's math/big library, which isn't constant time." He said these non-constant time Go primitives are used by OTR, and will be used by TLS if they are specified by the negotiated cipher suite. So xmpp-client's OTR and TLS support would definitely need to be rewritten to call out to a native code implementation or rewritten to use new constant time Go primitives, independent of OTRv2 vs OTRv3. -- Mike Perry
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev