OTR: Encrypted Instant Messaging

Yes, for once, I have not just some app for secure messaging, this time, it’s a protocol. OTR, or Off-the-Record Messaging, is a protocol for establishing end-to-end encrypted messaging between two participants over a standard instant messaging channel like IRC or XMPP (Jabber). It also allows for deniable authentication, where during the conversation you can be assured that only you two are talking, but after the conversation, there is no way for an outside third party to 100% prove you talked, since it’s theoretically possible for an attacker to have forged the communications record. It’s complicated, but not too hard to wrap your head around.

Continue reading