[cryptography] Repeated Encryptions Considered.... ?

Nico Williams nico at cryptonector.com
Sun Jun 19 20:54:59 EDT 2011


On Sun, Jun 19, 2011 at 7:01 PM, Jon Callas <jon at callas.org> wrote:
> That brings us back to the main question: what problem are you trying to solve?

The OP meantioned that the context was JavaScript crypto, and whether
one could forego the use of TLS if crypto were being applied at a
higher layer.

Imagine an HTTP-based IM system (XMPP, say), and OTR.  The end-points
for OTR are different from the end-points for TLS, therefore channel
binding doesn't help.  But can you forgo TLS?  If you do, then
eavesdroppers will know who you're talking to, and that you're using
OTR.  So, there is value in using TLS in this case.

Now, whether you trust the code implementing OTR is another story, but
let's just say that you do.

Nico
--



More information about the cryptography mailing list