
Re: [tor-dev] Attentive Otter: Analysis of xmpp-client



Jurre van Bergen:
> 
> *OTR*
> OTR support comes from the Go crypto package:
> https://code.google.com/p/go.crypto/
> This library only has support for OTRv2 and not the latest OTRv3
> specification. If we want to be resistant to several attacks[1] on the
> OTR protocol, we need to reimplement the OTR protocol and update it to
> the latest version, or we use Cgo, which binds into libotr. (Open
> questions: OTR by default?, )
> 
> [1]
> http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.7945&rep=rep1&type=pdf

According to agl:
"The DH and DSA code uses Go's math/big library, which isn't constant
time."

He said these non-constant time Go primitives are used by OTR, and will
be used by TLS if they are specified by the negotiated cipher suite.

So xmpp-client's OTR and TLS support would definitely need to be
rewritten to call out to a native code implementation or rewritten to
use new constant time Go primitives, independent of OTRv2 vs OTRv3.


-- 
Mike Perry
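
The timing concern raised in this message, as an added Go example (not code from xmpp-client, go.crypto or anyone in the thread): a textbook square-and-multiply over math/big does work proportional to the Hamming weight of the secret exponent, while a ladder performs the same operation count for every exponent of a given width. The names `expLeaky` and `expLadder` and the toy parameters are assumptions made for illustration, and the ladder only removes the algorithm-level leak, since big.Int arithmetic itself is still variable time.

```go
package main

import (
	"fmt"
	"math/big"
)

// expLeaky (hypothetical name) is left-to-right square-and-multiply. It multiplies
// only when an exponent bit is 1, so the multiplication count leaks the exponent.
func expLeaky(base, exp, mod *big.Int) (*big.Int, int) {
	r, mults := big.NewInt(1), 0
	for i := exp.BitLen() - 1; i >= 0; i-- {
		r.Mul(r, r).Mod(r, mod)
		mults++
		if exp.Bit(i) == 1 { // secret-dependent extra work
			r.Mul(r, base).Mod(r, mod)
			mults++
		}
	}
	return r, mults
}

// expLadder (hypothetical name) is a Montgomery ladder over a fixed bit width:
// two multiplications per bit whatever the bit is. Real constant-time code also
// replaces the branch with a conditional swap and uses fixed-width limbs.
func expLadder(base, exp, mod *big.Int, bits int) (*big.Int, int) {
	r0, r1, mults := big.NewInt(1), new(big.Int).Mod(base, mod), 0
	for i := bits - 1; i >= 0; i-- {
		if exp.Bit(i) == 1 {
			r0.Mul(r0, r1).Mod(r0, mod)
			r1.Mul(r1, r1).Mod(r1, mod)
		} else {
			r1.Mul(r0, r1).Mod(r1, mod)
			r0.Mul(r0, r0).Mod(r0, mod)
		}
		mults += 2
	}
	return r0, mults
}

func main() {
	// Constructed toy values, not real DH or DSA parameters.
	p, g := big.NewInt(2305843009213693951), big.NewInt(5) // p = 2^61 - 1
	for _, x := range []int64{0x81, 0xFF} {                // same length, different Hamming weight
		e := big.NewInt(x)
		_, leaky := expLeaky(g, e, p)
		got, fixed := expLadder(g, e, p, 8)
		fmt.Printf("x=%#x leaky=%d ladder=%d ok=%v\n", x, leaky, fixed, got.Cmp(new(big.Int).Exp(g, e, p)) == 0)
	}
}
```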
