[OTR-dev] Last-minute change to libotr 4 API
Paul Wouters
paul at cypherpunks.ca
Sat Aug 25 23:28:05 EDT 2012
On Sat, 25 Aug 2012, Ian Goldberg wrote:
> So even after Alice and Bob have established an OTR session and are
> happily chatting, the current 4.x (master branch) code still has a copy
> of the private key used to generate Bob's COMMIT message stashed away.
> If Bob's computer's memory is compromised after that point, this private
> key may be able to be used to decrypt the first messages of the
> conversation. This is undesirable.
But wouldn't the messages be in plaintext in memory anyway somewhere
in pidgin space? If you can read memory of the user, can't you get to
the plaintext anyway? Even with logging disabled?
> polltime = otrl_polltime(userstate);
> otrl_poll(userstate, uiops, uiopdata);
>
> every polltime seconds (or thereabouts; exactness is not important).
> The otrl_poll function will do any periodic cleanups necessary for
> forward secrecy purposes (and, I suppose, any other operations that
> should be done periodically, but none is needed at the moment).
Seems fine, but I would really like to do some extended testing to see
how it works in practise.
Paul
More information about the OTR-dev
mailing list