-
`make test` (and also `make coverage-check`) fail with the following error on libgcrypt 1.7.8
```
libtool: link: gcc -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/loc…
-
This section assumes that A1 is the public key, but the function must be generalized to work with any of the keys (while using constant-time conditional copies and other techniques to avoid side chann…
-
Some cases might be possible, like:
* if you are in MSGSTATE_FINISHED and receive a Non-Interactive-Auth message, what happens?
-
-
Perhaps the extra key request TLV should include explicit key confirmation (e.g., a MAC of something using the extra symmetric key).
And also, maybe the protocol should support deriving multiple "e…
-
If my interpretation is correct, RSig should allow a third party, e.g. Carol, to forge conversations between Alice and Bob, with only their client profiles accessible.
It seems Carol can:
0. Ext…
-
I cannot seem to find how the first root key is determined or derived. The standard derivation function will not work yet, as there is no previous root key available at that time.
The double ratchet …
-
In section "Create a User Profile Signature", step 2 of the block-quote section, it specifies that `len(c)` is appended. Consider making explicit here or in the section above that `len(c)` is to be pe…
-
It should be checked against the deniability properties of the last version of the paper.
Also, check what functions should be a requirement of an otrv4 library and state them as a MUST from an im…
-
Originally, there was 3 DAKE messages part of the protocol which were serialized and base64'd.
There was also 2 messages to differentiate which "authenticated action" you wanted to do in the server…