[OTR-users] LogJam attack and it's affect on OTR?
countrygeek at Safe-mail.net
countrygeek at Safe-mail.net
Thu Jun 4 15:45:00 EDT 2015
Thanks for the link to this other thread. I guess my only concern is with all the talk of elliptic-curve, there is this cryptologist's quote...
------
Try to use public-domain encryption that has to be compatible with other implementations...Prefer symmetric cryptography over public-key cryptography. Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can.
- Bruce Schneier
----
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
On Tue, 2 Jun 2015, countrygeek at Safe-mail.net wrote:
> https://weakdh.org/
>
> I was wondering what affect this may have on OTR. In particular it may be useful to increase the DH bits to at least 2048, and a SHA256 hash function.
> Nevertheless, I would be interested to see what the OTR developers think about this attack and what improvements can be made to the OTR standard.
See https://lists.cypherpunks.ca/pipermail/otr-dev/2015-June/thread.html
More information about the OTR-users
mailing list