Corelab Seminar
2015-2016
Konstantinos Andrikopoulos
OTR protocol
Abstract.
Off-The-Record Messaging (OTR) is a protocol that uses existing IM protocols in order to mimic real-life face-to-face conversations. To do that it provides:
-Secrecy, no one can read the contents of the messages.
-Authentication, the two parties are assured that they actually
talk to the person they think they talk (or more precisely anyone who
has control of the corresponding private key).
-Perfect Forward Secrecy, in the event of a private key compromise by an
attacker, he can not read any old messages.
-Deniability, after the conversation has ended anyone can pose as as any
of the two correspondents. That is, anyone can forge a message and make
it look like it was sent by the conversing parties. During the
conversation however this is impossible.
Various implementations of the protocol exist, plugins like pidgin-otr
add OTR functionality to clients. Also many IM clients like adium
support it natively.
The details of the protocol will be presented(AKE, ephimeral key
generation using Diffie-Hellman, Signing Key reveal), as well as the
Socialist Millionaires Protocol (SMP) that OTR uses in order to
(re)authenticate two users by a shared secret.