Task #1875

convert otr_keystore.ofcaes format to AES-256-GCM

Added by hans over 4 years ago. Updated about 4 years ago.

Status:NewStart date:09/12/2013
Priority:NormalDue date:
Assignee:-% Done:


Target version:0.4


Its currently AES-256-CBC, which is less than ideal.

Related issues

Related to KeySync - Bug #2350: enable reads from Downloads folder Rejected 11/05/2013


#1 Updated by hans over 4 years ago

  • Target version set to 0.4

#2 Updated by hans about 4 years ago

This pure python lib should make it easier to do this in python without OpenSSL:

But GCM mode is not implemented there, only OFB, CFB, CBC.

#3 Updated by abeluck about 4 years ago

Interesting! We might also want to consider using Keyczar, it's a respeced crypto lib by Google that works in Java/Android and python (and C++). It abstracts all the crypto details to a high level.

The alternative is to not use GCM, but a more traditional, but more complicated, authenticated encryption approach like CBC+HMAC-SHA2. It's more complicated simply because you have two crypto primitives to deal with, but given that GCM isn't readily available, it might be the best option.

Also available in: Atom PDF