Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://furry.engineer/users/soatok/statuses/112888590345793780">Soatok Dreamseeker (soatok@furry.engineer)'s status on Friday, 02-Aug-2024 08:42:27 JST</a><a href="https://furry.engineer/@soatok" title="soatok@furry.engineer"><img src="https://gnusocial.jp/avatar/34725-48-20230823231406.webp" width="48" height="48" alt="Soatok Dreamseeker" style="position: absolute; left: 0; top: 0;">Soatok Dreamseeker</a><div><a href="https://furry.engineer/@soatok/112888495771810761" rel="in-reply-to">in reply to</a></div></section><article><p>So, like...</p><p>OMEMO v0.3 has a pretty fucking obvious issue similar to what I found in Threema.</p><p>You're forced to use AES-GCM in a way that makes Invisible Salamanders a trivial exploit to pull off.</p><p><a href="https://github.com/soatok/gcm-exploit" rel="nofollow noreferrer">https://github.com/soatok/gcm-exploit</a></p><p>I'm not going to bother with an embargo for this. This specific protocol and design problem is not present in newer versions of their spec. Unfortunately, I can't find any implementations that use the updated spec!</p><p>Conversations is impacted.<br>Gajim is impacted.<br>Et cetera.</p><p>&gt; Is this 0day?</p><p>Probably not to the spec authors, but to the implementation developers? Maybe.</p><p>This is why you don't roll your own crypto.</p><p>(The original toot had a non-issue that looked like a vuln. I am redacting that.)</p><p><a href="https://furry.engineer/tags/XMPP" rel="tag">#XMPP</a> <a href="https://furry.engineer/tags/OMEMO" rel="tag">#OMEMO</a> <a href="https://furry.engineer/tags/infosec" rel="tag">#infosec</a> <a href="https://furry.engineer/tags/crypto" rel="tag">#crypto</a> <a href="https://furry.engineer/tags/0day" rel="tag">#0day</a> <a href="https://furry.engineer/tags/vulnerability" rel="tag">#vulnerability</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3462376#notice-6805827">In conversation</a><time datetime="2024-08-02T08:42:27+09:00" title="Friday, 02-Aug-2024 08:42:27 JST">about 3 months ago</time> <span>from <span><a href="https://furry.engineer/@soatok/112888590345793780" rel="external" title="Sent from furry.engineer via ActivityPub">furry.engineer</a></span></span><a href="https://furry.engineer/@soatok/112888590345793780">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Soatok Dreamseeker (soatok@furry.engineer)'s status on Friday, 02-Aug-2024 08:42:27 JST Soatok Dreamseeker
in reply to
So, like...
OMEMO v0.3 has a pretty fucking obvious issue similar to what I found in Threema.
You're forced to use AES-GCM in a way that makes Invisible Salamanders a trivial exploit to pull off.
https://github.com/soatok/gcm-exploit
I'm not going to bother with an embargo for this. This specific protocol and design problem is not present in newer versions of their spec. Unfortunately, I can't find any implementations that use the updated spec!
Conversations is impacted.
Gajim is impacted.
Et cetera.
> Is this 0day?
Probably not to the spec authors, but to the implementation developers? Maybe.
This is why you don't roll your own crypto.
(The original toot had a non-issue that looked like a vuln. I am redacting that.)
#XMPP #OMEMO #infosec #crypto #0day #vulnerability
In conversationabout 3 months ago from furry.engineerpermalink

Public

Embed Notice

HTML Code

Corresponding Notice