Thursday, December 16, 2004

Off-the-Record Messaging

Guy holding key

Looks like there's a new encryption plugin for Gaim called Off-the-Record Messaging. What's so special about this you may ask?

Check ou this excerpt from the homepage:


Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing:


Encryption
No one else can read your instant messages.
Authentication
You are assured the correspondent is who you think it is.
Deniability

The messages you send do not have digital signatures that are
checkable by a third party. Anyone can forge messages after a
conversation to make them look like they came from you. However,
during a conversation, your correspondent is assured the messages
he sees are authentic and unmodified.
Perfect forward secrecy
If you lose control of your private keys, no previous conversation
is compromised.



Pretty cool. Big brother can't sniff your conversations and don't have a signature to prove that you said anything incriminating. However, they should still be able to find out who you were talking to and when you were talking to them. You still have to be careful about having sensitive coummunicaions online.

All in all a cool development. Let's hope that peer review proves that this is strong crypto. For a basic protocol description click here.

0 Comments:

Post a Comment

<< Home