Page 1 of 1

Does Mumble encryption use broken AES OCB2 ?

Posted: 27 Mar 2019, 18:03
by faucet
Does Mumble use AES OCB2 for voice data encryption and is the implementation susceptible
to the plaintext recovery attack by Poettering/Iwata 2018?

:geek:

Re: Does Mumble encryption use broken AES OCB2 ?

Posted: 27 Sep 2019, 17:00
by Zing
I looked through the code, and as far as I can tell, no. It seems to be using OCB1 which is not vulnerable to this attack.