Commit 899b848fd4ca045304bc3aa38e8fad85ed412738
1 parent
17fa84ae
Added note about possible use of xxHash.
Showing
1 changed file
with
6 additions
and
2 deletions
line-android.md
| ... | ... | @@ -39,10 +39,14 @@ the client and the server to encrypt the body with AES in CBC mode with a fixed |
| 39 | 39 | is reset for each message. Cryptanalysts may have something to say about the fixed IV and new |
| 40 | 40 | context for each message. |
| 41 | 41 | |
| 42 | -The AES encrypted messages are signed with a custom 64-bit MAC called legy_hmac, which is curiously | |
| 42 | +The AES encrypted messages are signed with a custom 32-bit HMAC called legy_hmac, which is curiously | |
| 43 | 43 | only available in native code. I haven't yet analyzed how it works. I am not sure if the native |
| 44 | 44 | library approach is taken to enable code re-use between platforms, or as some futile attempt to add |
| 45 | -security by obscurity. | |
| 45 | +security by obscurity. It seems to be built on this hash algorithm: | |
| 46 | + | |
| 47 | +https://github.com/Cyan4973/xxHash | |
| 48 | + | |
| 49 | +Interestingly they seem to have forgotten to include the copyright notice for xxHash in their app. | |
| 46 | 50 | |
| 47 | 51 | (TODO) |
| 48 | 52 | ... | ... |