diff options
author | Samuel Lidén Borell <samuel@kodafritt.se> | 2019-03-22 01:13:12 +0100 |
---|---|---|
committer | Samuel Lidén Borell <samuel@kodafritt.se> | 2019-03-22 01:13:12 +0100 |
commit | 472617ca6e270e2628d8586e47c405552646f277 (patch) | |
tree | 52d4eaf99bfeaca042b5319fddfa270cbd00ed5c /README | |
parent | f952f6f21f6b7786e10d06a5ca90749f6e9f1f40 (diff) | |
download | fishlim-master.tar.gz fishlim-master.tar.bz2 fishlim-master.zip |
Diffstat (limited to 'README')
-rw-r--r-- | README | 25 |
1 files changed, 24 insertions, 1 deletions
@@ -6,7 +6,15 @@ FiSHLiM is a HexChat plugin for FiSH IRC encryption. It's my attempt at making -a simple, lightweight and secure plugin for this encryption protocol. +a simple and lightweight plugin for this encryption protocol. + +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! WARNING: FiSH encryption is not secure. See the security section below. !! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +NOTE: A modified version of FiSHLiM is now bundled with HexChat. If you +use HexChat you should generally not install this plugin (and if you do +you need to remove the bundled version of FiSHLiM). For installation instructions, see the INSTALL file. @@ -28,6 +36,9 @@ Not working: * Topic encryption * Remote exploitation (hopefully!) * Plaintext content that contain +OK is decrypted twice + * Very long messages (more than ~200 characters) + * encryption of /me messages + * Message authentication Commands @@ -66,3 +77,15 @@ Commands Deletes the given nick or channel from the configuration file. +Security warning +---------------- +FiSH encrypts your messages in ECB mode (in other words, in independent +blocks). If the same block appears two times it will be encrypted the +same way both times. + +So, never give untrusted people unencrypted chat logs if they also have +the encrypted version! Then they can decrypt the messages if they appear +again. Also, it's possible to make statistical attacks or replay +attacks. The CBC mode is somewhat better, but does not use a HMAC and no +timestamp/nonce, so it is still not secure against message manipulation +or replay attacks. |