[OTR-users] otr modify toolkit

Ian Goldberg ian at cypherpunks.ca
Thu Jul 2 08:13:07 EDT 2015


On Tue, Jun 30, 2015 at 02:03:59AM +0200, Bjorn Kuiper wrote:
> > > Wouldn't the mackey be the key that I can retrieve using otr_parse,
> thus:
> > > 8dfd40e19d32e778410200de0235a5787e294216 ?
> > 
> > No, that's the MAC tag, not the MAC key.
> > 
> > > Or would it be the mackey that I would retrieve when re-establishing a
> > > new DH key and get it from the list of old mackeys?
> > 
> > Indeed.  There are two ways to get the MAC key.  One is if you know the
> > private part of a DH key, in which case you can use otr_sesskeys to get
> it.
> > The other is if you have a transcripts containing later messages that
> contain
> > this key as an "old mackey", which you get with otr_parse.
> > 
> >    - Ian
> 
> So consider the attached private key pidgin file, the private key of __bob
> would be "2E3342837ACFB215EF502845CB48BB724762B950"

You can't find the private DH key in any file; that would defeat the
forward secrecy property of OTR.  You've got the private DSA key there
instead.

> Thus running otr_modify as follows
> --
> $ ./otr_modify.exe d4def44ed4178c84a693a14516d344b7917b23a2 alice bjorn 4
> ?OTR:AAMDJ9e+VvBOmUoAAAAAAQAAAAEAAADA/QzMtslPdMiwOhStWZG5HQ7h9tdpb9KpM7R57Gv
> MHHGDbFH1VDc74L3OHJdRprso5ZLsaQK9Rx3s7ZFIh6ubbDvsm/HPUCoZGwe1fadGV7d/v9+Eyg/
> 0jnjh0lGVDIT+W6d5Ia0EmHIzS9G6hsAugpK9Pk370JTL0bSaJIyzWYeZamSo4+OwJcusmiKrfWC
> 15KiqGKWn0v29UYCpjrrgIlTj96Wmgo0yCFg+IEbCpssK0uSRa33kyqQTnpLthBjqAAAAAAAAAAE
> AAAAKSrXNbc4fKYnZctVOW6P8z1koqGmSqMqRM+1o18P3AAAAAA==.
> MAC does not verify: wrong MAC key?

So this is expected.
-- 
Ian Goldberg
Associate Professor and University Research Chair
Cheriton School of Computer Science
University of Waterloo


More information about the OTR-users mailing list