-
* Why the term "mix key"? In previous discussions about OTRv4, this
was called an "insurance key".
* Those variables don't seem correct. The protocol retains the concept
of acknowledgin…
-
-
DAKE_IN_PROGRESS has 4 occurrences in the subsequent sections. It's defined as the message state following START. However, this is not listed in the 'Protocol states' section. From what I've read of t…
-
According to [README](https://bugs.otr.im/lib/libotr/blob/master/README), `libotr` entry point is defined in the `proto.h`.
We can decide to provide `libotr4` as a drop-in replacement to `libotr`. …
-
The OTRv2 and v3 is doing version according to the query message `?OTRv3?`, we should consider downgrade attack if MITM has capability to change this header.
Or, once we have otr4, we should also con…
-
`libotr` provides an "OTR Messaging Toolkit". "This toolkit is useful for analyzing and/or forging OTR
messages."
It is a collection of command line apps:
- otr_parse
- otr_sesskeys
- otr_mac…
-
Depends on #4
We need to add a section to describe about the primitives, which should specify the schemes:
- DRE use CramerShoup + NIZKPK of the Knowledge of plaintext equivalence.
- Choose a group …
-
-
This includes a reply to the OTR-dev thread about this issue.
-
## Problem
The OTR AKE (SPAWN) requires the initiator to store prekeys in order to "verif[y] that g^i is a prekey that [the initiator has] previously sent and remains unused"[1]. An responder could s…