On Tue, Oct 22, 2013 at 12:07:58AM +0200, Moritz Warning wrote: > is it possible to find out when an authentication fails > because there might be an imposter? > > I might have a number of ip address and like to > automatically try a different available ip address > when one doesn't work out. > > A possibility would be for the protocol plugin > to send the other side a cryptographic challenge. > But for this the protocol would need to be able > to encrypt/decrypt some data using the otr-purple keys. > > Maybe someone has an idea how this could be done.
Do you mean at the AKE phase, or at the SMP phase? I think you mean at the AKE phase; there, the only notion of identity is the public key provided (at connection time) by your buddy. That public key is used in a cryptographic protocol (SIGMA) to ensure your buddy does indeed possess the private key. Then it's up to you to check if that public key is the one you expect. - Ian _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
