[OTR-dev] Draft of Security Analysis
Paul Wouters
paul at cypherpunks.ca
Wed Mar 8 14:54:50 EST 2006
On Tue, 7 Mar 2006, Andrew S. Morrison wrote:
> I think the point is that an attacker with tight network control on both
> end points is capable of removing or mangling the published MAC keys, and
> thus destroying strong deniability.
Doesn't the other end check the MAC? If not, perhaps it should. This attack
should be detectable. Though I guess a complex attack could work where
the mac is sent *privately* by the attack to the other endpoint's attacker
to rewrite the packet. But that is a lot of work for destroying strong
deniability (and wouldn't work on say, a wifi connection, where the attacker
sees the packet together with everyone else before it can modify it.
Paul
More information about the OTR-dev
mailing list