[OTR-dev] Evidence of intelligence agency decryption of OTR chats
Ian Goldberg
ian at cypherpunks.ca
Mon Dec 29 06:21:47 EST 2014
On Sun, Dec 28, 2014 at 11:40:02PM +0000, Gregory Maxwell wrote:
> http://www.spiegel.de/media/media-35552.pdf
>
> >From http://www.spiegel.de/international/world/nsa-documents-attacks-on-vpn-ssl-tls-ssh-tor-a-1010525.html
>
> The fact that they appear to have decrypted some but not all messages
> in a log suggests to me that this is not a host compromise, or an
> MITM. But potentially an attack on 1024 bit DH or AES-CTR?
OTR uses 1536-bit DH, not 1024-bit DH.
It's possible the transcript on the second page of that PDF shows
protocol messages (OTR Query, key exchange, etc.) messages. But I don't
have a similar explanation for the ones after the undecryptable OTR
messages on the first page.
- Ian
More information about the OTR-dev
mailing list