OTRv4+ – A post‑quantum OTR client for IRC that runs on a phone over I2P - Lemmy.World

From that other site… ‐----------- Hi everyone, I’ve been working on a project called OTRv4+ – an OTRv4 client that adds post‑quantum cryptography to every layer of the protocol. It’s a single‑file Python app (with three small C extensions) that runs on IRC, supports I2P/Tor, and even runs on a phone via Termux. Why post‑quantum? If a quantum computer breaks X448 tomorrow, your past and future messages are still protected. The key exchange uses Triple X448 + ML‑KEM‑1024, authentication uses Ed448 ring signatures + ML‑DSA‑87, and the ratchet brace key rotates via fresh ML‑KEM‑1024 at every DH epoch. All symmetric crypto uses SHA‑3 / AES‑256‑GCM, which are quantum‑resistant at the symmetric level. What makes it different? · No liboqs – I used OpenSSL 3.5+ native FIPS 203/204 providers for ML‑KEM and ML‑DSA. · Single‑file Python (~12k lines) – the whole protocol is in one file to make auditing easier. · 224 tests – covering ratchet torture, state forks, wire format fuzzing, and everything in between. · Runs on Termux – I tested it on my phone with I2P on Libera.Chat. Comparison with Signal PQXDH Signal’s PQXDH adds ML‑KEM to the handshake but explicitly says “Authentication in PQXDH is not quantum‑secure”. OTRv4+ uses ML‑DSA‑87 to make authentication post‑quantum as well – at the cost of losing PQ deniability (a known open problem). I think it’s a worthwhile trade‑off for IRC where deniability is less critical. If you want to try it: · Git clone: https://github.com/muc111/OTRv4Plus [https://github.com/muc111/OTRv4Plus] · Requires Python 3.9+, OpenSSL 3.5+, and a C compiler. · Works on Termux, Linux, probably other Unix‑likes. · Supports I2P, Tor, and clearnet with auto‑detection from the hostname. Feedback / Contributions I’d love to get your thoughts – issues, pull requests, or just a “hey, this works on my setup”. If you’re interested in a commercial license for proprietary use, please open an issue with the label commercial-license. Cheers!