Off-the-Record Messaging
Off-the-Record (OTR) Messaging allows you to have private conversations
over instant messaging by providing:
- Encryption: No one else can read your instant messages.
- Authentication: You are assured the correspondent is who you think it is.
- Deniability: The messages you send do not have digital signatures that are
  checkable by a third party. Anyone can forge messages after a
  conversation to make them look like they came from you. However,
  during a conversation, your correspondent is assured the messages
  he sees are authentic and unmodified.
- Perfect forward secrecy: If you lose control of your private keys, no
  previous conversation is compromised.
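The deniability property listed above can be illustrated with a shared-key MAC. This is an added example, not code from libotr or the OTR toolkit: it assumes a simplified model (HMAC-SHA256 over the plaintext with one session key that both correspondents hold), and the function names and sample messages are constructed for illustration.

```python
import hashlib
import hmac
import os


def mac_tag(mac_key: bytes, message: bytes) -> bytes:
    """Authenticate a message with a key that BOTH correspondents hold."""
    return hmac.new(mac_key, message, hashlib.sha256).digest()


def mac_ok(mac_key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time tag check, as the receiving side would perform it."""
    return hmac.compare_digest(mac_tag(mac_key, message), tag)


def deniability_demo() -> dict:
    # Constructed session key: stands in for a key both sides derived
    # during key agreement (assumption; not the OTR key schedule).
    mac_key = os.urandom(32)

    # During the conversation: Alice sends, Bob verifies.
    sent = b"meet at noon"  # constructed sample message
    sent_tag = mac_tag(mac_key, sent)
    bob_accepts = mac_ok(mac_key, sent, sent_tag)
    bob_rejects_tampered = not mac_ok(mac_key, b"meet at nine", sent_tag)

    # Someone without the key cannot produce a tag that Bob accepts.
    outsider_tag = mac_tag(os.urandom(32), b"meet at nine")
    bob_rejects_outsider = not mac_ok(mac_key, b"meet at nine", outsider_tag)

    # After the conversation: Bob holds the same key, so a transcript entry
    # Alice never wrote verifies exactly like a real one. A third party
    # shown the key and the transcript cannot tell who computed the tag,
    # which is what a digital signature would have revealed.
    never_sent = b"text Alice never wrote"  # constructed sample message
    forged_tag = mac_tag(mac_key, never_sent)
    third_party_sees_valid = mac_ok(mac_key, never_sent, forged_tag)

    return {
        "bob_accepts": bob_accepts,
        "bob_rejects_tampered": bob_rejects_tampered,
        "bob_rejects_outsider": bob_rejects_outsider,
        "third_party_sees_valid": third_party_sees_valid,
    }


if __name__ == "__main__":
    for name, value in deniability_demo().items():
        print(f"{name}: {value}")
```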
- 5 Nov 2005: otrproxy-0.3.1 released. Changes from 0.3.0:
  - Support for OTR protocol version 2; will still interoperate with
    version 1 clients (though with a warning to the user).
  - Handle non-ASCII charsets properly.
- 5 Nov 2005: gaim-otr-3.0.0 and libotr-3.0.0 released. Changes from 2.0.2:
  - Support for OTR protocol version 2; will still interoperate with
    version 1 clients (though with a warning to the user).
  - The OTR button now has a right-click context menu with some useful options.
  - The OTR button now has icons in addition to text to indicate what state
    a conversation is in.
  - Most popups have been changed to inline messages in the conversation window.
- 5 Nov 2005: The identity-binding flaw pointed out earlier has been fixed in
  version 2 of the OTR Protocol.
OTR library and toolkit
This is the portable OTR Messaging Library, as well as the toolkit to
help you forge messages. You need this library in order to use the other
OTR software on this page. [Note that some binary packages, particularly
Windows, do not have a separate library package, but just include the library
and toolkit in the packages below.] The current version is 3.0.0.
README
- Source code (3.0.0)
- Compressed tarball
(sig)
- [Note that if you're compiling from source on win32, you may need to
make this patch to libgcrypt-1.2.1.]
- Linux/x86 (2.0.2)
- Fedora Core 4 RPM
- Fedora Core 4 dev RPM
- Fedora Core 3 RPM
- Fedora Core 3 dev RPM
- Mandriva 2005 LE RPM
- Mandriva 2005 LE dev RPM
- Linux/x86 (2.0.1)
- Mandrake 10.1 RPM
- Mandrake 10.1 dev RPM
- Linux/x86_64 (2.0.2)
- Fedora Core 4 RPM
- Fedora Core 4 dev RPM
- Fedora Core 3 RPM
- Fedora Core 3 dev RPM
- Linux/PPC (2.0.2)
- Fedora Core 4 RPM
- Fedora Core 4 dev RPM
OTR plugin for gaim
This is a plugin for gaim 1.x which implements Off-the-Record Messaging
over any IM network gaim supports. The current version is 3.0.0.
You may need the above library packages.
README
- Source code (3.0.0)
- Compressed tarball
(sig)
- Patch for gaim 2 beta 2 (will be incorporated into next version)
- Linux/x86 (2.0.2)
- Fedora Core 4 RPM
- Mandriva 2005 LE RPM
- Linux/x86 (2.0.1)
- Fedora Core 3 RPM
- Mandrake 10.1 RPM
- Linux/x86_64 (2.0.2)
- Fedora Core 4 RPM
- Fedora Core 3 RPM
- Linux/PPC (2.0.2)
- Fedora Core 4 RPM
- Windows (3.0.0)
- Win32 installer for gaim 1.x
(sig)
- Win32 installer for gaim 2.x (See this message if you're using gaim 2 beta 2.)
OTR localhost AIM proxy
Notice to Tiger iChat
users: You need to be using OS X version 10.4.2 or later.
Earlier versions have a bug that prevents iChat from connecting to
an HTTP proxy.
This is a localhost proxy you can use with almost any AIM client in order
to participate in Off-the-Record conversations. The current version is
0.3.1, which means it's still a long way from done. Read the README
file carefully. Some things it's still missing:
- Username/password authentication to the proxy
- Having the proxy be able to use outgoing proxies itself
- Support for protocols other than AIM/ICQ
- Configurability of the proxy types and ports it uses
But it should work for most people. Please send feedback to the
otr-users mailing list, or to the dev team.
You may need the above library packages.
README
- Source code (0.3.1)
- Compressed tarball
(sig)
- Windows (0.3.1)
- Win32 installer
(sig)
- OS X (0.3.1)
- OS X package
If you use OTR software, you should join at least the otr-announce
mailing list, and possibly
otr-users
(for users of OTR software) or
otr-dev
(for developers of OTR software) as well.
Installation and Setup Guides
Trillian with OTR proxy (German translation, from HennR)
Adium X with OTR
OTR proxy on Mac OS X
gaim-otr on Debian unstable (from Adam Zimmerman)
gaim-otr on Windows (from Adam Zimmerman)
gaim-otr 3.0.0 on Ubuntu (from Adam Zimmerman). Note that Ubuntu breezy has gaim-otr 2.0.2 in it, and all you should have to do is "apt-get install gaim-otr".
We would greatly appreciate instructions and screenshots for other platforms!
About OTR
Here are some documents and papers describing OTR. The
CodeCon presentation is quite useful
to get started.
- What implementations of Off-the-Record Messaging are there?
- Right now, there's the plugin for gaim, which is supported on Linux
and Windows. Adium X, a popular IM client for Mac OS X, supports OTR.
There's also the OTR proxy, which is supported on Linux,
Windows, and OS X. The OTR functionality is separated into the
Off-the-Record Messaging Library (libotr), which is an LGPL-licensed
library that can be used to (hopefully) easily produce OTR plugins for
other IM software, or for other applications entirely.
- What is the license for the OTR software?
- The Off-the-Record Messaging Library is licensed under version 2.1
of the GNU Lesser General
Public License. The Off-the-Record Toolkit, the gaim-otr plugin,
and the OTR proxy are licensed under version 2 of the GNU General Public
License.
- How is this different from the gaim-encryption plugin?
- The gaim-encryption plugin provides encryption and authentication,
but not deniability or perfect forward secrecy. If an attacker or a
virus gets access to your machine, all of your past
gaim-encryption conversations are retroactively compromised. Further,
since all of the messages are digitally signed, there is
difficult-to-deny proof that you said what you did: not what we want
for a supposedly private conversation!
- How is this different from Trillian's SecureIM?
- SecureIM doesn't provide any kind of authentication at all! You
really have no idea (in any kind of secure way) to whom you're speaking,
or if there is a "man in the middle" reading all of your messages.
- How is this different from SILC?
- SILC uses a completely separate network of servers and underlying
network protocol. In some environments, such as firewalled or corporate
setups, where a local proprietary IM protocol may be in use, SILC may
not be available. Further, in its normal mode of operation, all SILC messages
are shared with the SILC servers; if you want to send messages that can only
be read by the person with whom you're communicating, you need to either
(1) arrange a pre-shared secret in advance (which hampers perfect forward
secrecy), or (2) be able to do a direct peer-to-peer connection to the other
person's client, in order to do a key agreement (which may not be possible in
a NAT or firewall situation).
Is your question not here? Ask on the
otr-users
mailing list!
Nikita Borisov, Ian Goldberg