Thanks for the link to this other thread. I guess my only concern is with all the talk of elliptic-curve, there is this cryptologist's quote... ------ Try to use public-domain encryption that has to be compatible with other implementations...Prefer symmetric cryptography over public-key cryptography. Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can. - Bruce Schneier ---- http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
On Tue, 2 Jun 2015, countryg...@safe-mail.net wrote: > https://weakdh.org/ > > I was wondering what affect this may have on OTR. In particular it may be > useful to increase the DH bits to at least 2048, and a SHA256 hash function. > Nevertheless, I would be interested to see what the OTR developers think > about this attack and what improvements can be made to the OTR standard. See https://lists.cypherpunks.ca/pipermail/otr-dev/2015-June/thread.html _______________________________________________ OTR-users mailing list OTR-users@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-users
