[OTR-dev] Extra symmetric key
Dev Random
c1.otr-dev at niftybox.net
Mon Jan 14 00:05:30 EST 2013
Hi all,
I plan to use the Type 8 TLV / extra symmetric key in the Gibberbot
project, but I am puzzled by the description in the OTRv3 spec.
TLVs are already encrypted inside the message envelope. What is then
the function of the additional key h2(0xFF)? Since the message is
already encrypted with a related key - h1(), there seems to be no added
security from another layer of encryption.
Could the Type 8 TLV data be used as is (without using h2(0xFF) to encrypt)?
I also note that the libotr4 implementation of otrl_message_symkey
doesn't do any encryption on sending, and only provides h2(0xFF) as a
callback, but doesn't do decryption.
--
Miron / devrandom
More information about the OTR-dev
mailing list