[OTR-users] does authentication depend on secrecy of private key
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Apr 17 10:41:14 EDT 2015
On Fri 2015-04-17 10:18:16 -0400, Greg Reagle wrote:
> Hello all. I have a question about authentication in OTR. The docs say
> "However, once you've authenticated your buddy, you don't have to do it
> again. OTR will automatically do the authentication for all of your
> future conversations with that buddy." [1] My understanding is that the
> authentication is based on the idea that your buddy has a private key
> that no one else has. So what if you authenticate with your buddy Bob,
> then, somehow, Mallory gets access to Bob's computer and gets his secret
> key. Then OTR will continue to say that you are having an authenticated
> session with Bob , but it could be Mallory? Is that right?
Yes, that's correct. OTR will associate any remote peer with access to
Bob's secret key material as though it were Bob.
Secret keys need to remain secret for any cryptosystem to retain its
security guarantees, and OTR is no exception.
--dkg
More information about the OTR-users
mailing list