[OTR-dev] Symmetric key retrieval
Ian Goldberg
ian at cypherpunks.ca
Thu Jul 3 16:38:31 EDT 2008

On Thu, Jul 03, 2008 at 03:08:43PM -0400, Paul Wouters wrote:
> On Wed, 2 Jul 2008, Ian Goldberg wrote:
>
> >For Paul :-)
>
> >I've checked in support for applications asking libotr for a
> >forward-secret symmetric key.
>
> Excellent! This is a step towards using session keys to protect file
> transfers and video/audio conferencing!
>
> >[OTRL_EXTRAKEY_BYTES is currently 32, so you get 256 bits out of it.]
> >
> >Paul, is that what you were looking for?
>
> Yes, though I am not sure if 256 bits is strong enough for a session key.
> Is that the strength within our OTR session anyway? When used for 3DES,
> AES or Blowfish symmetric crypto?

OTR uses AES-128. I made 256 bits available so you can get two 128-bit
keys out of it (say, one for encrypting in each direction, or one for
encrypting and one for a MAC). The 256 bits are basically a SHA-256
hash of the current Diffie-Hellman g^{xy} value (in order to preserve
forward secrecy).

- Ian
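
Added example, not part of the original message and not libotr code: a sketch of the split described above, where a 256-bit SHA-256 hash of g^{xy} becomes two 128-bit keys, one per direction or one for encryption and one for a MAC. The toy group, the byte encoding of g^{xy}, the rule that assigns halves by comparing public keys, and all function names are assumptions made for this example.

```python
import hashlib
import hmac

# Constructed toy group so the example runs offline; NOT the group OTR uses.
P = 2**255 - 19
G = 2

def public_key(priv: int) -> int:
    return pow(G, priv, P)

def extra_key(my_priv: int, their_pub: int) -> bytes:
    """SHA-256 over the shared g^{xy}, giving 256 bits as the message describes.
    Assumption: g^{xy} is encoded as 32 big-endian bytes (not libotr's encoding)."""
    shared = pow(their_pub, my_priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def directional_keys(extra: bytes, my_pub: int, their_pub: int) -> dict:
    """Split into two 128-bit keys, one per direction.
    Assumption: the side with the larger public key sends with the first half,
    so both ends pick opposite halves without extra negotiation."""
    if len(extra) != 32:
        raise ValueError("expected a 256-bit extra key")
    if my_pub == their_pub:
        raise ValueError("equal public keys: direction is ambiguous")
    first, second = extra[:16], extra[16:]
    if my_pub > their_pub:
        return {"send": first, "recv": second}
    return {"send": second, "recv": first}

def enc_and_mac_keys(extra: bytes) -> tuple:
    """Alternative split from the message: one key to encrypt, one for a MAC."""
    return extra[:16], extra[16:]

def mac_tag(mac_key: bytes, data: bytes) -> bytes:
    return hmac.new(mac_key, data, hashlib.sha256).digest()

if __name__ == "__main__":
    a_priv, b_priv = 5, 7  # constructed sample secrets, far too small for real use
    a_pub, b_pub = public_key(a_priv), public_key(b_priv)
    alice = directional_keys(extra_key(a_priv, b_pub), a_pub, b_pub)
    bob = directional_keys(extra_key(b_priv, a_pub), b_pub, a_pub)
    print(alice["send"] == bob["recv"], alice["recv"] == bob["send"])
```

If both ends simply took the first half as their sending key, the two directions would share one key, which is what the per-direction split is meant to avoid.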