Ultimate Chat Privacy with OTR Messaging


Author: InvisibleUser Team

Welcome to our introduction to the OTR Messaging protocol.

We all use messaging services, like SMS, WhatsApp, iMessage, Google Hangouts and Facebook messenger at work or for private conversations. Unfortunately, popular services are highly compromised when it comes to privacy and we advise you to stay away. There are much better options. In this post, we will focus on Off-the-Record Messaging.

What is OTR Messaging?

OTR stands for Off-the-Record Messaging and is a protocol that integrates message encryption into instant messaging. The encryption method used is the Advanced Encryption Standard (AES). The OTR protocol can be used with any chat or instant messaging service, so you can use your existing accounts. OTR makes the conversations absolutely private, even if you are using a popular messaging service that is not designed for security.

Privacy Features of OTR Messaging

The protocol takes the encryption methods of PGP a step further. With PGP encryption, you can find out what keys were used to encrypt the message. With that information, it is possible to find out that two participants communicated with each other, but an adversary still cannot decrypt the PGP-message.

With the OTR protocol, that is not possible. This principle is called “plausible deniability”, because no one can ever prove that a conversation took place. Out of the chat methods mentioned in this chapter, OTR is designed to give you the most advanced privacy. If you are living under an authoritarian regime, you need OTR Messaging.

The plausible deniability benefit really comes into play if you contacted someone who is actually not trustworthy with OTR Messaging. That person might want to report you to the authorities. This is, however, not possible after your chat session ends. OTR uses a signature to open every conversation (authentication), but messages are not signed with your private key. They are only “marked” with a short-lived value similar to a private key. Therefore, you cannot decrypt a message at a later point, because you do not have the necessary key anymore. That also applies to the adversary that was trying to report you. They cannot even prove that the conversation took place, because the messages are unsigned. Neither can they make use of the “cryptographic nonsense” that messages become through OTR, at a later point. No one will be able to decrypt that, not even when they get hold of your original private key.

Unfortunately, OTR is only possible between 2 people at the moment. Group chats could be added in the future. Support for audio, video, photos and other files is not planned. That should not be a huge problem, since you can simply encrypt the file with a different method. Then you can send it however you want. An unencrypted email is safe if you send encrypted files as attachments. Unless the simple act of having email contact with someone is considered suspicious.

Please note: Always make sure that you are using the current version 4.0.2 of OTR. Version 1 has some significant security issues and is no longer recommended. It is vulnerable to man-in-the-middle attacks.

The 4 Principles of OTR Messaging

The OTR protocol follows four principles that make it secure. Those are:

  • Encryption
  • Authentication: Signatures are used to make sure that you know who you are talking to. It is impossible for an attacker to manipulate your session by making you believe that the messages come from your contact. If you are chatting with an attacker that claims to be your contact, you will notice, because the keys change and OTR stops working.
  • Deniability: Messages are not signed individually. Signatures are only needed to start the chat. Noone can prove that you have sent a particular message, because you do not attach your public key to it, unlike in PGP. Messages are instead handled using a common secret that is calculated when starting the session.
  • Perfect Forward Secrecy: Individual messages are encrypted with short-lived keys that changes all the time. When a participant loses his/her permanent private key and an attacker gets that key, the communication partners are not in danger. The conversation cannot be compromised, because an adversary cannot derive the short-lived keys from the permanent original private key.

Encryption is so effective that some countries even make using encryption a crime or legally force suspects to decrypt their data for law enforcement. How can these countries have the impudence to call themselves democracies?

On this website, you can check which countries have such laws.


Why SMS are dangerous to Privacy


OTR Messaging Guide with Pidgin