For questions about Off-The-Record Messaging, which is a technique which allows you to have private conversations over instant messaging.
Questions tagged [otr]
10 questions
15
votes
2 answers
What is the difference between OTR and Signal protocols?
The Signal Protocol is a relatively new secure messaging protocol that was recently implemented in Signal, WhatsApp, and several other messenging apps. According to Wikipedia, the Signal protocol is an evolution of the OTR protocol…
therealrootuser
- 251
- 2
- 4
5
votes
2 answers
Is OMEMO vulnerable in case of compromised jabber server?
As I've understand OMEMO protocol specification, the initial key exchange between Alice and Bob can be stored on server and in future used for message decryption.
Also the phrase from Conversations, Jabber Android client, official site:
This way,…
Rengraz
- 51
- 2
5
votes
1 answer
How to compute result in last step of Socialist millionaires problem?
I was trying to understand Socialist millionaires problem and solution in OTR protocol, but I'm stuck at figuring out how and who computes $(Q_{a}Q_b{}^{-1})^{\alpha\beta}$.
If I'm Bob then I received $Q_{a}$, I can compute $Q_{b}^{-1}$ and I know…
Naan
- 249
- 2
- 6
2
votes
1 answer
A clarification about OTR shared secrets - how long need they be secret?
A quick question on confirmation/authentication with the OTR protocol.
OTR shared secrets/Q&A when used to authenticate your partner in conversation, am I correct my understanding that they DO NOT need to remain secret after the initial key exchange…
N.T. Paul
- 21
- 1
2
votes
1 answer
How secure is the OTR protocol?
I am using Adium and wondering how secure it is.
I believe it uses AES-256 (I do not understand what that means) by default. It also requests that users exchange fingerprints with each other before encrypted conversations can occur, and that a…
mematusz
- 21
- 1
2
votes
0 answers
Off-The-Record and Multi-Designated Verifier Signatures
What technique is used in the Off-The-Record protocol to implement authentication and message validation? And what is the difference between this technique and Multi-Designated Verifier Signatures?
As far as I understand it, the OTR protocol uses…
Ping Ping
- 21
- 3
1
vote
1 answer
Would this authentication on a Diffie-Hellmann-key-exchanged channel work?
Before I ask my question, let me say that I don't know the math behind OTR, so I don't know if the process of authentication in OTR is any similar to this.
Alice and Bob have exchanged keys using Diffie-Hellman key exchange
There's a…
Samuel Shifterovich
- 190
- 1
- 8
0
votes
1 answer
Isn't Socialist Millionaires vulnerable if Alice's and Bob's message are picked from a shared list?
I'm interested in a situation where Alice and Bob each pick cards from a deck of 52, and want to test if they picked the same card without revealing what the card is (a "mental poker" situation). The protocol that came to mind was "Socialist…
Ryan Hughes
- 13
- 4
0
votes
2 answers
How do Alice and Bob perform key exchange through a third-party (server) in end-to-end encryption?
Understanding end-to-end encryption, I ran into an issue which I wasn't able to find a solution for.
Given three parties: Alice, Bob, the chat endpoints, and the server party owned by Eve. The server party allows Alice and Bob to communicate.
Let's…
mrDoctorWho
- 103
- 5
0
votes
0 answers
How can Off-The-Record Messaging be viable with a trusted hub?
Off-The-Record messaging sounds nice in theory. I mean, I can even achieve a poor man’s zero-knowledge version of it by publishing my private key somewhere, after signing a private message with it. The recipient would then not be able to prove…
Gregory Magarshak
- 435
- 3
- 13