[liberationtech] About Telegram
Maxim Kammerer
mk at dee.su
Wed Mar 19 18:54:46 PDT 2014
On Thu, Mar 20, 2014 at 3:21 AM, Ximin Luo <infinity0 at pwned.gg> wrote:
> The stuff the developer posted in the other fork of this thread is really something. I wish we had a cryptographic equivalent of funroll-loops.info.
>
> "This is just the key exchange; not trying to sign or otherwise authenticate here."
What if I told you that the original OTR protocol, that most of these
“good” chat apps that crypto experts are so happy with are based upon,
had a completely trivial MITM in key exchange part [1]? Really
something!
[1] http://dx.doi.org/10.1145/1102199.1102216
--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
More information about the liberationtech
mailing list