Not much to go on here, but I'll add by two bits to the guesswork. Like what Ian said, that second transcript looks a lot more like the OTR negotitation. So that is a transcript of the entire chat session. That would begin with OTRv2? and the whole OTR negoitation, which is plain text. Perhaps there might be a couple plain text messages like "hey are you there" before OTR started.
The first transcript could be after one side finished OTR, and the other side kept typing. I think attacks outside of OTR itself are the most likely culprit as well. The NSA analysts do have access to the raw materials, and they are reporting that OTR is difficult for them to decode, so that's the good news here. .hc Gregory Maxwell: > http://www.spiegel.de/media/media-35552.pdf > > From > http://www.spiegel.de/international/world/nsa-documents-attacks-on-vpn-ssl-tls-ssh-tor-a-1010525.html > > The fact that they appear to have decrypted some but not all messages > in a log suggests to me that this is not a host compromise, or an > MITM. But potentially an attack on 1024 bit DH or AES-CTR? > _______________________________________________ > OTR-dev mailing list > OTR-dev@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81 _______________________________________________ OTR-dev mailing list OTR-dev@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
