diff options
| author | Mark Haines <mjark@negativecurvature.net> | 2016-10-21 15:13:20 +0100 |
|---|---|---|
| committer | Mark Haines <mjark@negativecurvature.net> | 2016-10-21 15:13:20 +0100 |
| commit | 8c4a11a92d2eac501e06659dff062d84d5c855ec (patch) | |
| tree | e6c8fae698f40817df2f0632fd77569fd33dca4e /docs | |
| parent | 5a98012c0d3951d2d08e9922ee682fbdecc68f0c (diff) | |
Document the potential for message replays and possible mitigations
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/megolm.rst | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/megolm.rst b/docs/megolm.rst index 4929349..56e5f1d 100644 --- a/docs/megolm.rst +++ b/docs/megolm.rst @@ -274,6 +274,16 @@ bytes preceding the signature. Limitations ----------- +Message Replays +--------------- + +A message can be decrypted successfully multiple times. This means that a MITM +server can send multiple copies of a message and they will successfully decrypt. + +To mitigate this it is recomendend that applications track the message indicies +they have recieved and that they reject messages with indicies that they've +already decrypted. + Lack of Transcript Consistency ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |