[OTR-dev] otr dh key encryption

Ileana ileana at fairieunderground.info
Tue Feb 19 14:33:40 EST 2013

Correcting my post...sorry
> OK...well this has been a confusion for me.  Again, would like some
> kind of diagram here...because I know OTR compares the fingerprints
> (or allows for comparison).  That seems like authentication to me...A
> constant fingerprint.  So OTR also creates and stores a DSA key to be
> used for authentication?  I thought El/gamel or RSA was supposed to be
> used...but beyond that its over my head do to vulnerabilities with DSA
> auth.

It is correct...DSA is still used for signing, and El/gamel is for
encryption.  Think I got mixed up with DES.

http://www.ecrypt.eu.org/documents/D.SPA.17.pdf page 75.
"For future deployments we recommend a p with at least
L = 2432 with has a l = 224-bit prime q dividing p − 1"

I guess the gcrypt library insures the generated key has those
properties?  seems you just specifiy the number of bits to the key
creation function...but again here they want even greater then 2048

/* Do the private key generation calculation.  You may call this from a
 * background thread.  When it completes, call
 * otrl_privkey_generate_finish from the _main_ thread. */
gcry_error_t otrl_privkey_generate_calculate(void *newkey)
    struct s_pending_privkey_calc *ppc =
            (struct s_pending_privkey_calc *)newkey;
    gcry_error_t err;
    gcry_sexp_t key, parms;
    static const char *parmstr = "(genkey (dsa (nbits 4:1024)))";

    /* Create a DSA key */
    err = gcry_sexp_new(&parms, parmstr, strlen(parmstr), 0);
    if (err) {
        return err;

Overall, otr-devs, I am surprised at how clean and easy to read the
code has been...kudos.

More information about the OTR-dev mailing list