[Standards] OMEMO Key Agreement
sebastian.verschoor at gmail.com
Mon Jun 5 20:14:02 UTC 2017
On 3 June 2017 at 06:49, Dave Cridland <dave at cridland.net> wrote:
> On 2 June 2017 at 21:18, Sebastian Verschoor
> <sebastian.verschoor at gmail.com> wrote:
> > Dave Cridland on June 2nd:
> >> So:
> >> Encryption Interop: Don't care (negotiable at runtime)
> > Be careful, this stuff is non-trivial:
> > https://www.imperialviolet.org/2016/05/16/agility.html
> Yes, indeed, and moreover I don't think we can solve any form of
> downgrade attack conclusively.
> Nevertheless, this happens to be the area I'm most comfortable we can
> address properly.
Cool, sounds like you would be able to address this way better than I could.
> Incidentally, the agility issues need to be addressed anyway - DJB is
> not a god, and the Edwards curve based around the prime number 25519
> may prove to be weak somehow, or perhaps EdDSA as a whole might be.
> In addition, OMEMO as a whole addresses a specific threat model which,
> while well-suited to the "consumer in the cloud", isn't well suited at
> all to enterprise, and that suggests an overall model where we'll have
> to negotiate between OMEMO and some other model (such as MIKEY-SAKKE
> or something).