[OTR-users] Stronger crypto?
Jonathan Schleifer
js-otrim at webkeks.org
Sat May 10 07:59:49 EDT 2008
Hi!
I looked at the specification of the OTR protocol and have a few
suggestions.
First: Why not move from AES128-CTR to AES256-CBC? It only needs a few
cycles more, but provides stronger crypto. Shouldn't be a problem, even
on slower machines.
Second: Why not increase the public/private key to 4096 bit? DSA2 can
handle that. And since that key isn't generated every 5 minutes,
performance on slow machines shouldn't be an issue here either.
I haven't read the whole specification, only had a quick look at it, so
feel free to correct me if I've missed something.
I'd welcome it if there'd be a new OTR version providing stronger cryto.
--
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20080510/e5492650/attachment.pgp>
More information about the OTR-users
mailing list