[OTR-dev] OTR version 4 Draft #2

Carsten Mattner carstenmattner at gmail.com
Fri May 11 10:38:25 EDT 2018

On 5/11/18, Sofia <sofia at autonomia.digital> wrote:

> We don't have a clear path of when v5 is going to come, as we are
> dedicating the next months to finish all the implementation of v4 in C.
> Around ideas we have had for v5, we have thought of including a
> post-quantum algorithm if they are sufficiently stable and implemented
> (in a production-ready way) by the time v5 comes. We will probably
> update some cryptographic primitives, if efficient ones are available by
> that time. And lastly, I hope that in that version we have a secure,
> efficient and good way of supporting group chat (but this needs a lot of
> work).

I would actually love to see a forward compatibility mode in existing
plugins when v4.5 or v5.1 adds PQ ciphers. You know, automatic
upgrade, and later down the road a safe way to block downgrades -
unlike TLS.

> Well, the libraries we have for crypto primitives per se are
> "libsodium-dev", "libgcrypt" and "libgoldilocks". The latter is just for
> the curve. Mmm... what can be pushed for this is including
> ed448-Goldilocks in libsodium
> (https://github.com/jedisct1/libsodium/issues/254). I don't know the
> state of this issue, though... I'll ask around.

That sounds like a nice improvement. Hope it gets through.