Reading their docs, it seems like this uses Trust-on-first-use key exchange, so ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

akerl_ on Feb 21, 2019 | parent | context | favorite | on: Delta Chat

Reading their docs, it seems like this uses Trust-on-first-use key exchange, so if there's an attacker passively observing the network at that point, they can MITM all future communications.

Also, the Autocrypt Level 1 spec, which this seems to implement, appears to be based on PGP, with the following caveat: "Sometimes Autocrypt recommends to send cleartext mail even though encryption appears technically possible."

titanomachy on Feb 21, 2019 [–]

I don't think that's how TOFU works. Doesn't attacking it require an active attacker to substitute his own public key at the start?

e12e on Feb 21, 2019 | [–]

Yes, if the attacker is strictly passive, tofu with public key should be fine. That the attacker is strictly passive is a pretty strong assumption though!

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact