Merge pull request #32 from matrix-org/markjh/replay

Document the potential for message replays and possible mitigations
This commit is contained in:
Mark Haines 2016-10-24 10:28:54 +01:00 committed by GitHub
commit 8de0f1fbb3

View file

@ -274,6 +274,17 @@ bytes preceding the signature.
Limitations
-----------
Message Replays
---------------
A message can be decrypted successfully multiple times. This means that an
attacker can re-send a copy of an old message, and the recipient will treat it
as a new message.
To mitigate this it is recommended that applications track the ratchet indices
they have received and that they reject messages with a ratchet index that
they have already decrypted.
Lack of Transcript Consistency
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~