No subject


Sat Jun 28 11:43:08 EDT 2014


Authentication will only succeed if both parties type in the same
'password'.

The password cannot be brute forced, and later disclosure of the
password wouldn't harm your privacy (but it would make it possible for
someone to impersonate you if you continued to use the same password
with your contacts for future authentications).

You can still verify fingerprints if you want but fingerprints are
hard for people to verify. I've seen many people try to verify
fingerprints in OTR by simply typing them into their OTR
sessions. :(   Even a phone call is not MITM proof... but a shared
secret can be exchanged in advance.

My past somewhat negative comments on this approach were not intended
to claim that it isn't secure.  Rather I was disappointed that OTR
wouldn't also use the shared secret to increase resistance to any
possible future DH weakness.  However, if DH is found to be
substantially weaker than expected OTR will probably be the last of
our problems...



More information about the OTR-users mailing list