|
|
|
|
|
|
by woodruffw
1262 days ago
|
|
|
From the paper, my reading is that it's meant to highlight a larger weakness in Threema's design (the decision to rely heavily on a long-lived private key, which then needs to be exported with a potentially attacker-controllable password in order to transfer identity). Edit: notably, this wouldn't be a problem if (1) Threema required a preconfigured password to encrypt the private key with, or (2) used an identity transfer scheme that was detectable on the target device. But since they're just copying a key, it's entirely undetectable. |
|
|