-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 There was a question about what is the difference between OTR and XTLS .
The basic design of the OTR protocol and it's strengths are described here: https://otr.cypherpunks.ca/otr-wpes.pdf https://otr.cypherpunks.ca/Protocol-v3-4.0.0.html The XTLS protocol is using TLS for encryption and authentication. The specification: https://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption-02 Basic security properties of the protocols: - - Both protocols provide end-to-end protection of XMPP content, they don't protect any information on the XMPP server (contacts, etc.), they don't protect you from traffic analysis (who you are communicating with, when, your IP address) - - Both protocols protect only online messages, offline messages are NOT protected. (XMPP server can change a contact from online to offline at any moment) - - XMPP server can block the initialization of both OTR, XTLS - - OTR protects only text messages, there are proposals to extend the protection also to file transfers - - XTLS protects Jingle sessions XEP-0166, this can be used to protect XML streams - text messages(XEP-0247), file transfers XEP-0234, and with SRTP also audio/video XEP-0167. Cryptographic properties of the protocols: - - Both protocols support Forward secrecy - - OTR uses 128-bit AES in counter mode for encryption - - OTR uses HMAC-SHA-1 for integrity protection - - OTR uses DSA with 1024 bit keys for signatures - - OTR uses Diffie-Hellman key exchange using 1536-bit prime - - Algorithms used for XTLS depend on the TLS library and TLS client/serversettings. For example in Gajim with recent OpenSSL library: - AES-GCM with 256-bit for encryption and integrity protection - Diffie-Hellman key exchange using 4096-bit prime - Signatures using 4096-bit RSA certificates The 1024-bit DSA keys in OTR are very short. According to "Yearly Report on Algorithms and Keysizes (2012)" they provide only "Short-term protection against medium organizations, medium-term protection against small organizations". http://www.ecrypt.eu.org/documents/D.SPA.20.pdf Current implementation in Gajim: - - OTR plugin is used only for text messages - - XTLS is used only for file transfers, the current implementation does NOT do certificate checking = no protection from MiTM attacks. - - Gajim implements also protection using Essions XEP-0218 for text messages. - - Gajim implements also protection using OpenPGP XEP-0027, this protects online and offline messages using PGP -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJTgFlwXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4QkVFQ0NBRDcyNzU1RTk2RTQwMzlEQjc2 RTE3NDA5NTQwNTY2M0FEAAoJEG4XQJVAVmOtDwYP/2Qz7jSmVUB7pGoh5p/wjPzp KYw9dlwIgT2o7vtx3wdpZvcUdQkmjT/X5b2C1BMSlv845SiYDInw9RxE0YViZYBX AvSbGTtgYzp7CJ2L7NI9zSPwM0MlFjuXaWHhk6ErGcpKTqT+dVBVrhe4jp9sepiW 7gMjrXFfip6d5h/js84GrXrqayc8uubyTf2quxGnwb0jesN3IuClLD27XnJQerv+ tlPbmHU22AZDVSFsymLQiexuq9JHQA+DG0HitjGRCfKgLKfgae6A2yTsZa3Kf/gO GFu+9Uwx/363yWAvfjFjotpEr6hmxwkfV75B7PyoLcppvH1fEouogopqWVCI3ru6 ChnC2zEv1UdNDqpO4HybB5jxZAwTzs+V+2F5e1pv/2ugT8TZFUb9zFzFj/SCqzT6 ugYZ9TFMBQrz6xyrM4SmQio3hzYmxVyfQcqiW5fDsE2nweGdl3UNQnYF5RXxnNDl HRaQ9spi+mj/uANPb5Z8BAjaItjgt5PDsCwTHsD4sDe8Rdh+EBLtgDpt9GT1/ezf cEyItmd33CqfiQsQUjv8VJew5NgNwsBoxVAze3n483SJ5mPU1YYELZ6XX5sluL4u IFZlOcUOy3YkglgR59lMX+mXap0XgI5YCHX6ihyYqWOFzwg3H98g/t/UQnAm2Fc8 ii3zhySgvNGOli5qdkMI =Xhfc -----END PGP SIGNATURE----- _______________________________________________ Gajim-devel mailing list Gajimfirstname.lastname@example.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel