Off The Record Protocol (OTR)
Off The Record Protocol (OTR) is one of the emerging protocols today. It is becoming more and more popular amongst Internet Messenger Services by providing a service similar to a conversation by two people. Internet Messenger Applications such as Pidgin has already implemented such a plugin fo the application and other messenger services are already on the move with implementing the feature.
OTR provides the two parties to have a conversation between them by providing the following features.
i) Encryption : Messages can be read by only the two parties involved.
ii) Authentication : Lets each parties know that they are chatting with the person who they think they are. In simpler terms, this features prevents forging by a third party by imitating the other person.
iii) Deniability(Repudiability) : This is a controversial term. We are very much used with the term 'Non Repudiability' when we talk about Computer Security. But here, we specifically allow repudiability to occur.
iv) Perfect Forward Secrecy: This assures that even though one party is compromised, the attacker would not be able to read old conversations of the victim.
All of these features make sense except the third. So, I would only elaborate on this feature and show how Deniability or Repudiability is needed.
Deniability gives us the liberty to say something to a person using a Messenger Service and then later decline saying that.
Suppose a verbal conversation between Alice and Bob. Alice says to Bob to meet her at 5 o'clock and Bob agrees. However, Bob doesn't turn up at 5. When Alice asks why he didn't come, Bob would simply lie and say that he never spoke with Alice about meeting at 5 and there would be no way of proving thay. There would be no means of verifying that Bob is lying. No third party can verify that Bob actually lied. No one else other than Alice and Bob knows what they discussed. No one would later be able to know what they talked about. This is the nature of a verbal conversation.
In E-Commerce, this has been one of the major issues which needs to be dealt. Therefore, we use Signatures and sign a document before sending. This way neither of the parties can lie. If this Signature system was used in Internet Messenger sevices, we would not have faced the scenario above and Bob would be caught for lying.
However, it is to be noted that the intention of a chat application is to make it as close to a verbal conversation between two people. Chat applications are NOT to be used for E-Commerce related applications or conversations which need to be reproduced. Therefore, in order to maintain the chat application as close as to a real world verbal conversation, we need to build it in such a way deniability is possible. Therefore Repudiability is necessary.
Perfect Forward Secrecy is also another need of a chat application. If Alice and Bob had a private verbal conversation with each other, no one else would be able to hear what went on among them. No one would be able to know what actually took place between them. If someone else would be able to know what went on, it would not be secure. Now, suppose that they recorded the chat which took place and keep it secretly. However, if the recorder tape is compromised by Eve, then Eve would be able to know what Alice and Bob had been talking. This should not be the case. Therefore, in OTR protocol, we make sure a compromise of any party would not reveal old data.
For further information please reffer to the website
http://www.cypherpunks.ca/otr/
OTR provides the two parties to have a conversation between them by providing the following features.
i) Encryption : Messages can be read by only the two parties involved.
ii) Authentication : Lets each parties know that they are chatting with the person who they think they are. In simpler terms, this features prevents forging by a third party by imitating the other person.
iii) Deniability(Repudiability) : This is a controversial term. We are very much used with the term 'Non Repudiability' when we talk about Computer Security. But here, we specifically allow repudiability to occur.
iv) Perfect Forward Secrecy: This assures that even though one party is compromised, the attacker would not be able to read old conversations of the victim.
All of these features make sense except the third. So, I would only elaborate on this feature and show how Deniability or Repudiability is needed.
Deniability gives us the liberty to say something to a person using a Messenger Service and then later decline saying that.
Suppose a verbal conversation between Alice and Bob. Alice says to Bob to meet her at 5 o'clock and Bob agrees. However, Bob doesn't turn up at 5. When Alice asks why he didn't come, Bob would simply lie and say that he never spoke with Alice about meeting at 5 and there would be no way of proving thay. There would be no means of verifying that Bob is lying. No third party can verify that Bob actually lied. No one else other than Alice and Bob knows what they discussed. No one would later be able to know what they talked about. This is the nature of a verbal conversation.
In E-Commerce, this has been one of the major issues which needs to be dealt. Therefore, we use Signatures and sign a document before sending. This way neither of the parties can lie. If this Signature system was used in Internet Messenger sevices, we would not have faced the scenario above and Bob would be caught for lying.
However, it is to be noted that the intention of a chat application is to make it as close to a verbal conversation between two people. Chat applications are NOT to be used for E-Commerce related applications or conversations which need to be reproduced. Therefore, in order to maintain the chat application as close as to a real world verbal conversation, we need to build it in such a way deniability is possible. Therefore Repudiability is necessary.
Perfect Forward Secrecy is also another need of a chat application. If Alice and Bob had a private verbal conversation with each other, no one else would be able to hear what went on among them. No one would be able to know what actually took place between them. If someone else would be able to know what went on, it would not be secure. Now, suppose that they recorded the chat which took place and keep it secretly. However, if the recorder tape is compromised by Eve, then Eve would be able to know what Alice and Bob had been talking. This should not be the case. Therefore, in OTR protocol, we make sure a compromise of any party would not reveal old data.
For further information please reffer to the website
http://www.cypherpunks.ca/otr/
Comments