[OTR-dev] Evidence of intelligence agency decryption of OTR chats

Ryan Lester hacker at linux.com
Sun Dec 28 19:03:47 EST 2014

Hm, well, there isn't any real context there.

Maybe they'd compromised at least one of the users' machines and run
something like a timing attack against libpurple or libotr?

Alternatively, I wonder if maybe this could have been caused by a
vulnerability in one of the third-party OTR implementations (rather than
libotr or the OTR spec itself). I know some OTR clients have been known to
have had implementation bugs right around that time frame that caused
issues like weak keys (which would explain the NSA's inconsistency in
decrypting messages).

On Sun Dec 28 2014 at 6:40:06 PM Gregory Maxwell <gmaxwell at gmail.com> wrote:

> http://www.spiegel.de/media/media-35552.pdf
> From http://www.spiegel.de/international/world/nsa-
> documents-attacks-on-vpn-ssl-tls-ssh-tor-a-1010525.html
> The fact that they appear to have decrypted some but not all messages
> in a log suggests to me that this is not a host compromise, or an
> MITM. But potentially an attack on 1024 bit DH or AES-CTR?
> _______________________________________________
> OTR-dev mailing list
> OTR-dev at lists.cypherpunks.ca
> http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20141229/c6ccd984/attachment.html>

More information about the OTR-dev mailing list