From 8c4a11a92d2eac501e06659dff062d84d5c855ec Mon Sep 17 00:00:00 2001 From: Mark Haines Date: Fri, 21 Oct 2016 15:13:20 +0100 Subject: Document the potential for message replays and possible mitigations --- docs/megolm.rst | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'docs') diff --git a/docs/megolm.rst b/docs/megolm.rst index 4929349..56e5f1d 100644 --- a/docs/megolm.rst +++ b/docs/megolm.rst @@ -274,6 +274,16 @@ bytes preceding the signature. Limitations ----------- +Message Replays +--------------- + +A message can be decrypted successfully multiple times. This means that a MITM +server can send multiple copies of a message and they will successfully decrypt. + +To mitigate this it is recomendend that applications track the message indicies +they have recieved and that they reject messages with indicies that they've +already decrypted. + Lack of Transcript Consistency ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3