[tor-dev] Attentive Otter: Analysis of xmpp-client
mikeperry at torproject.org
Tue Oct 8 23:49:51 UTC 2013
Jurre van Bergen:
> OTR support comes from the Go crypto package:
> This library only has support for OTRv2 and not the latest OTRv3
> specification. If we want to be resistant to several attacks on the
> OTR protocol, we need to reimplement the OTR protocol and update it to
> the latest version or, we use Cgo, which binds into libotr. (Open
> questions: OTR by default?, )
According to agl:
"The DH and DSA code uses Go's math/big library, which isn't constant
He said these non-constant time Go primitives are used by OTR, and will
be used by TLS if they are specified by the negotiated cipher suite.
So xmpp-client's OTR and TLS support would definitely need to be
rewritten to call out to a native code implementation or rewritten to
use new constant time Go primitives, independent of OTRv2 vs OTRv3.
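An added example, not part of the original message or of xmpp-client's code: one way to scope the rewrite discussed above is to list the Go files that import math/big and show which crypto packages each of them imports alongside it. The file names and sources are constructed samples, `auditBigInt` is a hypothetical helper, and the crypto-path match is a heuristic assumption.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"strconv"
	"strings"
)

// Constructed sample sources (not taken from xmpp-client or any real package).
var sampleFiles = map[string]string{
	"keyexchange_sample.go": "package demo\nimport (\n\"crypto/dsa\"\n\"crypto/rand\"\n\"math/big\"\n)\n",
	"roster_sample.go":      "package demo\nimport \"fmt\"\n",
	"stats_sample.go":       "package demo\nimport \"math/big\"\n",
}

// auditBigInt maps each file that imports math/big to the crypto packages the
// same file imports. A non-empty list marks a file to review first: secret
// values there may reach variable-time big-integer arithmetic.
func auditBigInt(files map[string]string) (map[string][]string, error) {
	out := map[string][]string{}
	fset := token.NewFileSet()
	for name, src := range files {
		// ImportsOnly stops after the import block; function bodies are not needed.
		f, err := parser.ParseFile(fset, name, src, parser.ImportsOnly)
		if err != nil {
			return nil, err
		}
		usesBig, crypto := false, []string{}
		for _, imp := range f.Imports {
			path, _ := strconv.Unquote(imp.Path.Value)
			if path == "math/big" {
				usesBig = true
			} else if strings.HasPrefix(path, "crypto/") || strings.Contains(path, "/crypto/") {
				crypto = append(crypto, path) // heuristic: stdlib crypto/ or a /crypto/ path element
			}
		}
		if usesBig {
			out[name] = crypto
		}
	}
	return out, nil
}

func main() {
	findings, err := auditBigInt(sampleFiles)
	fmt.Println(findings, err)
}
```

An import-level match only narrows the review; whether a secret exponent or key actually reaches a `big.Int` operation still has to be checked by reading the call sites.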