Leading security researcher and co-creator of the Off-the-Record Messaging (OTR) protocol discusses why you should use OTR to make sure your instant messages remain private. This is especially important given the NSA’s recent wiretapping activities and the increasing prominence of Big Brother.
Off-the-Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm, the Diffie-Hellman key exchange, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides perfect forward secrecy and deniable encryption. This is not to be confused with the “off the record” setting in Google Talk, which merely disables logging.
The redeeming thing about OTR is that there is pretty much no configuration after its installed. You don’t have to worry about managing keys, trust databases, or any of that crap. You just click the button and it encrypts. When you “authenticate” someone, you don’t have to memorize their public key. Instead, you type in a shared secret (any string) and if the other party types in the same string, their public key is marked as trusted. Of course, it uses an algorithm that doesn’t reveal the secret to the other party. Pure genius. Great article and video.
Related Posts: On this day...
- TellMe vs Siri - 2011
- 2600 Magazine as DRM-free Kindle, PDF ebooks - 2010
- So who else speaks C++? - 2010
- Diamond optical illusion - 2009
- Pittsburgh Police May Pay You $50,000 if You Give Them the Middle Finger - 2009
- Wikiscanner Creator: Internet Man of Mystery - 2008
- Microsoft cleans fake antivirus tool from 994,061 PCs - 2008
- Print this file and your printer will jam - 2008