[OTR-users] Question about the authenticated key exchange
Viktor Stanchev
me at viktorstanchev.com
Sun Oct 28 18:25:01 EDT 2012
Hi,
I'm trying to understand why an Authenticated Key Exchange protocol is used
in OTR instead of just exchanging public keys in plaintext. Where can I
read more about AKE?
I'm building a cyrpto based system that uses the socialist millionaire
protocol to verify public keys, but I don't need a session at the time of
the authentication. Users will be sending each other messages later on and
I don't think I'll be using perfect forward secrecy because the messages
are not chat messages.
What do you guys think? Should I skip the AKE?
Thanks,
Viktor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20121028/19706324/attachment.html>
More information about the OTR-users
mailing list