[OTR-users] New revelations
Paul Wouters
paul at cypherpunks.ca
Sun Sep 8 23:55:43 EDT 2013
On Sun, 8 Sep 2013, Theodore M Rolle Jr wrote:
> Has any thought been given to the recent revelations concerning the NSA
> and GCHQ?
You mean the fact that they say they have a desire to break end-to-end
encryption (and presuming they mean OTR) ?
> TrueCrypt allows different encryption algorithms and the specification
> of the order of use.
> See: http://www.truecrypt.org/docs/encryption-algorithms
Crypto agility is good. OTR has the capability to change long term
identity key algorithms. We don't really have an alternative for DH as
far as I know.
> If the encryption with more than one system can be performed one one
> block, passed to the next, ... While the second algorithm enciphers the
> first block, the first algorithm starts on the next block. The slowest
> algorithm determines the encryption rate.
That's quite a different use case. Not sure if that applies at all to
OTR.
> Dependence on AES (a weakened version of Rijndael) seems specious at best.
Citation needed :P It is speculation that AES was weakened by the NSA.
Moreover, alternatives are not provingly more secure.
Don't panic yet.
Paul
More information about the OTR-users
mailing list