From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) by sympa.inria.fr (Postfix) with ESMTPS id 62AC97FBFE for ; Sat, 24 Jan 2015 22:35:34 +0100 (CET) Received-SPF: None (mail3-smtp-sop.national.inria.fr: no sender authenticity information available from domain of hannes@mehnert.org) identity=pra; client-ip=213.73.89.200; receiver=mail3-smtp-sop.national.inria.fr; envelope-from="hannes@mehnert.org"; x-sender="hannes@mehnert.org"; x-conformance=sidf_compatible Received-SPF: Pass (mail3-smtp-sop.national.inria.fr: domain of hannes@mehnert.org designates 213.73.89.200 as permitted sender) identity=mailfrom; client-ip=213.73.89.200; receiver=mail3-smtp-sop.national.inria.fr; envelope-from="hannes@mehnert.org"; x-sender="hannes@mehnert.org"; x-conformance=sidf_compatible; x-record-type="v=spf1" Received-SPF: Pass (mail3-smtp-sop.national.inria.fr: domain of postmaster@mail.mehnert.org designates 213.73.89.200 as permitted sender) identity=helo; client-ip=213.73.89.200; receiver=mail3-smtp-sop.national.inria.fr; envelope-from="hannes@mehnert.org"; x-sender="postmaster@mail.mehnert.org"; x-conformance=sidf_compatible; x-record-type="v=spf1" X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AtgFAOUOxFTVSVnI/2dsb2JhbABagwZSWYMAwzuHAEMBAQEBAX2ENg8BewIFIQIRAkwNCAEBiCwJrgePSJRRBIEhkUaBQQWSOYwKjAgigVEwHYFQbwEBAYI/AQEB X-IPAS-Result: AtgFAOUOxFTVSVnI/2dsb2JhbABagwZSWYMAwzuHAEMBAQEBAX2ENg8BewIFIQIRAkwNCAEBiCwJrgePSJRRBIEhkUaBQQWSOYwKjAgigVEwHYFQbwEBAYI/AQEB X-IronPort-AV: E=Sophos;i="5.09,461,1418079600"; d="scan'208";a="97584021" Received: from mail.mehnert.org ([213.73.89.200]) by mail3-smtp-sop.national.inria.fr with ESMTP/TLS/ADH-CAMELLIA256-SHA; 24 Jan 2015 22:35:33 +0100 Received: from [192.168.0.7] (cpc16-cmbg15-2-0-cust21.5-4.cable.virginm.net [86.5.162.22]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client CN "hannes@mehnert.org", Issuer "mehnert root CA" (verified OK)) by mail.mehnert.org (Postfix) with ESMTPS id 0E6BF19BD for ; Sat, 24 Jan 2015 22:35:30 +0100 (CET) Message-ID: <54C40FFA.10007@mehnert.org> Date: Sat, 24 Jan 2015 21:34:50 +0000 From: Hannes Mehnert User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0 MIME-Version: 1.0 To: Caml-list Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Subject: [Caml-list] [ANN] otr 0.1.0 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA384 Hello, Off-the-record is a cryptographic protocol which is mainly used for instant messaging. It provides encryption and authentication (plus forward secrecy), uses AES128-CTR mode for encryption, SHA256 (and SHA1 for MACs) and DSA for public/private keys, lots of DH computation in oakley 5 (1536 bit). In addition to the authenticated encrypted channel OTR features the socialists millionaires problem (SMP) - to authenticate the other party using a shared secret over an already established channel (without exposing that shared secret, using some zero knowledge proofs). I implemented this protocol, both version 2 and 3, in OCaml and am happy to have an initial release (0.1.0, 2 clause BSD licensed), already in the opam repository. I'd be glad to receive feedback regarding coding style (similar to TLS - - immutable data, monadic error passing, API does not expose any exceptions) etc. Code: https://github.com/hannesm/ocaml-otr OTR: https://en.wikipedia.org/wiki/Off-the-Record_Messaging Protocol spec: https://otr.cypherpunks.ca/Protocol-v3-4.0.0.html SMP: https://en.wikipedia.org/wiki/Socialist_millionaire best, hannes -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCQAGBQJUxA/6AAoJELyJZYjffCjuRGoP/R+KRJ0FO020wQQP9p53R0Ib cubTVoLmghCFfjTayL2HvdZJ/jrktyOoXeVyWCkDWEc4rA3c+gDk10a10q0cQebm sO0sjZWCYyUE2VfOT2QfXM1QCYlVEDAjzDYvV0nLc+CuBJu5P0QYofRTc6Yso9uf Gzq1+ZXDzH7CFSTEjqMbB4GBHZF/ZVk5JF5nAI2HDrfgoZlH9100KgC2q5rB2f4H +PgQ5i2OGQFI0scsryMANLpe2FLdC5QjH+z5SRwVxJINGVnLpTSbRQn14utTGRo+ BO4U7CtMP6EQZTKlarEV3WMFcQNcgVkqzSi66Q5K91lV7Jhr/xug+yzff1Cshb9j AWjBYWud247s+SOagZLaj9nY0UqGp2C2Xs/kUfXbz6qf/YQZqzGG0w4umuK/OMxR wTD9D4mn3hgRyPYLG2foBv5AXtt056oV8ODoEnWRF0vswoBQU0CWq3zcK/SzeS+a Yx3t+JhY5p1GllCfHtZbxWxgCqAxYopuo8gG1RWpqZfHtDrmed3Z3Vj+nWRcXNMo wvj2JUtqnSj5W7UIGnVaEgOY9DU3+fGZ0MVRvcutLASbJH7Ae9wqKGFpJqcn9ai4 ogzhUr2SRR1b0l2kDXrn0xfHAf47gzjsQHegm5vdDp1PC3Alrjzn5oQPUlli+z+D RC7cJdVuLLDHZk1U/UuJ =np2c -----END PGP SIGNATURE-----