![cryptocat buddy cryptocat buddy](https://www.numerama.com/content/uploads/2016/03/crypto-name-computer.jpg)
Support for encrypted audio or video is not planned. As of version 3 of the protocol specification, an extra symmetric key is derived during authenticated key exchanges that can be used for secure communication (e.g., encrypted file transfers) over a different channel. Limitationsĭue to limitations of the protocol, OTR does not support multi-user group chat as of 2009 but it may be implemented in the future. This feature makes it possible for users to verify the identity of the remote party and avoid a man-in-the-middle attack without the inconvenience of manually comparing public key fingerprints through an outside channel. Within the conversation the recipient can be sure that a message is coming from the person they have identified.Īs of OTR 3.1, the protocol supports mutual authentication of users using a shared secret through the socialist millionaire protocol. Deniable authentication: Messages in a conversation do not have digital signatures, and after a conversation is complete, anyone is able to forge a message to appear to have come from one of the participants in the conversation, assuring that it is impossible to prove that a specific message came from a specific person.The compromise of any long-lived cryptographic keys does not compromise any previous conversations, even if an attacker is in possession of ciphertexts. Forward secrecy: Messages are only encrypted with temporary per-message AES keys, negotiated using the Diffie-Hellman key exchange protocol.In addition to providing encryption and authentication - features also provided by typical public-key cryptography suites, such as PGP, GnuPG, and X.509 ( S/MIME) - OTR also offers some less common features:
![cryptocat buddy cryptocat buddy](https://www.numerama.com/wp-content/uploads/2016/03/poke-680x671.jpg)
A Pidgin and Kopete plugin exists that allows OTR to be used over any IM protocol supported by Pidgin or Kopete, offering an auto-detection feature that starts the OTR session with the buddies that have it enabled, without interfering with regular, unencrypted conversations. They provide a client library to facilitate support for instant messaging client developers who want to implement the protocol. The OTR protocol was designed by cryptographers Ian Goldberg and Nikita Borisov and released on 26 October 2004. The initial introductory paper was named " Off-the-Record Communication, or, Why Not To Use PGP". This is in contrast with cryptography tools that produce output which can be later used as a verifiable record of the communication event and the identities of the participants. The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function.
![cryptocat buddy cryptocat buddy](https://sm.pcmag.com/t/pcmag_au/review/c/cryptocat-/cryptocat-for-iphone_rs3p.3840.jpg)
Off-the-Record Messaging ( OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. Please improve this article by adding secondary sources or tertiary sources. This article relies too much on references to primary sources.