[guardian-dev] Fwd: Re: [OTR-users] OTR mentioned in Snowden documents?

Dev Random c1.devrandom at niftybox.net
Wed Sep 11 12:56:36 EDT 2013


There's no Elliptic Curve in OTR, right?

On 09/11/2013 08:01 AM, Nathan of Guardian wrote:
> Anyone have some time to dig into the potential malicious seed in
> bouncycastle issue below?
>
>
> -------- Original Message --------
> Subject: Re: [OTR-users] OTR mentioned in Snowden documents?
> Date: Wed, 11 Sep 2013 07:47:00 -0700
> From: Mike Minor <mike at firstworldproblems.com>
> To: Nathan of Guardian <nathan at guardianproject.info>
> CC: otr-users at lists.cypherpunks.ca
>
> On Sep 6, 2013, at 10:02 AM, Nathan of Guardian <nathan at guardianproject.info> wrote:
>
> > On 09/06/2013 12:40 PM, Mike Minor wrote:
> >> I thought I might poke some discussion as to where the weaknesses might be in an OTR implementation where you are using the currently known best practices (verifying fingerprints, etc)
> > Excellent point, and true that if there were mass MITM on OTR sessions,
> > those of us who do verify would notice.
> > 
> > One fear I have had has been around OTR4J (which we use in Gibberbot,
> > and others like Jitsi do as well) and our dependency on BouncyCastle
> > libraries, and Java, as well for that.
> > 
> > With the recent weakness found in the Android PRNG, I fear there may be
> > other "oops" bugs, either intentional or not, somewhere in that stack.
> > 
> > +n
>
> The constant "c49d360886e704936a6678e1139d26b7819f7e90" appears to be a malicious non-random seed for the prime256v1 curve that is found in BouncyCastle.  Are you relying on it in your code?