At the 2004 Workshop on Privacy in the Electronic Society (WPES), Borisov, Goldberg and Brewer presented "Off the Record Messaging" (OTR), a protocol designed to add end-to-end security and privacy to Instant Messaging protocols. An open-source implementation of OTR is available and has achieved considerable success. In this paper we present a security analysis of OTR showing that, while the overall concept of the system is valid and attractive, the protocol suffers from security shortcomings due to the use of an insecure key-exchange protocol and other problematic design choices. On the basis of these findings, we propose alternative designs and improvements that strengthen the security of the system and provide the originally intended features of the protocol, including deniability, in a sound and well-defined sense.