Greetings. Tonight I used the challenge question authentication with a frequent chat partner of mine and she was instantly disconnected from AIM when she answered the question. After she reconnected we attempted it again she was able to complete the authentication without issue.
Now I'm sure this was just some really unlucky alignment of the planets, but unfortunately an ongoing MITM attack would quite likely have looked _exactly_ like this. Since I'm unable to tell what her fingerprint was on the prior connection I can't distinguish a MITM bailing out on the authentication protocol from a fluke disconnection. This means that there is a reduced disincentive to performing MTIM on unauthenticated OTR since the middle man can abort on an authentication attempt without leaving positive evidence of the foul play. I would recommend logging the fingerprint at each session establishment, either as part of the 'started private connection' alert or in the OTR preferences along with my key fingerprints. This way past MITM attacks could be detected retrospectively, increasing the risk of consequences for the attacker. A similar strategy is used as a part of Tcpcrypt. _______________________________________________ OTR-dev mailing list OTR-dev@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
