Difference between revisions of "OTR"

From XMPP WIKI
Jump to navigation Jump to search
m
 
(20 intermediate revisions by 5 users not shown)
Line 1: Line 1:
[http://www.cypherpunks.ca/otr/Off-the-Record Off-the-Record Messaging], commonly referred to as '''OTR''', is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm, the Diffie–Hellman key exchange, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides perfect forward secrecy and malleable encryption.
{| class="wikitable float" style="margin: auto;"
|-
| style="padding:10px;" | OTR is no longer recommended in the XMPP network  as it has widely been replaced by [https://en.wikipedia.org/wiki/OMEMO OMEMO].
|}
 
[https://otr.cypherpunks.ca/ Off-the-Record Messaging], commonly referred to as '''OTR''', is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm, the Diffie–Hellman key exchange, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides perfect forward secrecy and malleable encryption.


== Strengths ==
== Strengths ==
Line 14: Line 19:
== Client support ==
== Client support ==
=== Native ===
=== Native ===
* [http://adium.im/ Adium] (Mac OS X)
* [https://adium.im/ Adium] (Mac OS X)
* [http://bitlbee.org/ BitlBee] (Cross-platform)
* [https://bitlbee.org/ BitlBee] (Cross-platform)
* [http://icanblink.com/ Blink Cocoa](Cross-platform)
* [http://centerim.org/ CenterIM] (Unix-like)
* [http://centerim.org/ CenterIM] (Unix-like)
* [http://climm.org/ climm] (Unix-like)
* [http://climm.org/ climm] - dead (Unix-like)
* [https://guardianproject.info/apps/gibber/ Gibberbot] (Android)
* [https://chatsecure.org/ ChatSecure (formerly Gibberbot)] (iPhone)
* [http://jitsi.org/ Jitsi] (Cross-platform)
* [https://jitsi.org/ Jitsi (formerly SIP Communicator)] (Cross-platform)
* [http://mcabber.com/ MCabber] (Unix-like)
* [https://mcabber.com/ MCabber] (Unix-like)
* [http://phoenixviewer.com/ Phoenix Viewer], a Second Life client (Cross-platform)
* [https://www.firestormviewer.org/ Phoenix Viewer], a Second Life client (Cross-platform)
* [http://vacuum-im.org/ Vacuum IM] (Cross-platform)
* [http://www.profanity.im/ Profanity]: [https://www.profanity.im/otr.html OTR page]
* [https://psi-im.org/ Psi]/[https://psi-plus.com/ Psi+] (Cross-platform)
* [https://www.xabber.org/ Xabber] (Android)
* [https://yaxim.org/ yaxim] (Android)
* [https://zom.im/ Zom] (Android, iPhone)
* [https://monocles.de/more monocles chat] (Android)


=== Plugin ===
=== Plugin ===
* [http://gajim.org/ Gajim] (Cross-platform) with [http://gajim-otr.pentabarf.de/ gajim-otr]
* [https://gajim.org/ Gajim] (Cross-platform) with [https://dev.gajim.org/gajim/gajim-plugins/wikis/OffTheRecordPlugin Off-The-Record Encryption for Gajim]
* [http://irssi.org/ irssi] (Cross-platform) with [http://irssi-otr.tuxfamily.org/ irssi-otr]
* [https://irssi.org/ irssi] (Cross-platform) with [https://github.com/cryptodotis/irssi-otr/ irssi-otr]
* [http://kopete.kde.org/ Kopete] (Unix-like) with [http://kopete-otr.follefuder.org/ Kopete Off-the-Record plugin]
* [https://userbase.kde.org/Kopete/ Kopete] (Unix-like) with [http://kopete-otr.follefuder.org/ Kopete Off-the-Record plugin]
* [http://miranda-im.org/ Miranda IM] (Microsoft Windows) with [https://code.google.com/p/mirotr/ MirOTR - OTR for Miranda IM!]
* [http://miranda-im.org/ Miranda IM] (Microsoft Windows) with [https://code.google.com/p/mirotr/ MirOTR - OTR for Miranda IM]
* [http://pidgin.im/ Pidgin] (Cross-platform) with [http://www.cypherpunks.ca/otr/#downloads OTR plugin for Pidgin]
* [https://www.miranda-ng.org/ Miranda NG] (Microsoft Windows) with [http://wiki.miranda-ng.org/index.php?title=Plugin:MirOTR MirOTR - OTR for Miranda NG]
* [http://psi-plus.com/ Psi+] (Cross-platform) with [http://public.beuth-hochschule.de/~s30935/ OTR Plugin for Psi+]
* [https://pidgin.im/ Pidgin (formely Gaim)] (Cross-platform) with [https://otr.cypherpunks.ca/#downloads OTR plugin for Pidgin]
* [http://www.trillian.im/ Trillian] (Microsoft Windows) with [http://trillianotr.kittyfox.net/ Trillian OTR]
* [https://poez.io/ Poezio] with [https://doc.poez.io/plugins/otr.html pure-python-otr]
* [http://weechat.flashtux.org/ WeeChat] (Cross-platform) with [http://irssi-otr.tuxfamily.org/ weechat-otr]
* [https://salut-a-toi.org/ Salut à Toi] with plugin_sec_otr.py (installed by default)
* [http://www.xchat.org/ XChat] (Cross-platform) with [http://irssi-otr.tuxfamily.org/ xchat-otr]
* [https://www.trillian.im/ Trillian] (Microsoft Windows) with [http://trillianotr.kittyfox.net/ Trillian OTR]
* [https://weechat.org/ WeeChat] (Cross-platform) with [https://github.com/mmb/weechat-otr/ weechat-otr]
* [http://xchat.org/ XChat] (Cross-platform) with [https://github.com/J0s3f/xchat-otr/ xchat-otr]


== External links ==
== External links ==
* [http://www.cypherpunks.ca/otr/ Homepage]
* [https://otr.cypherpunks.ca/ Homepage]
* [http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html Off-the-Record Messaging Protocol version 2]
* [https://www.otr.im/ OTR.im - Whispering Off The Record]
* [https://otr.cypherpunks.ca/software.php OTR-Enabled Software]
* [https://github.com/otrv4/otrv4 OTRv4 draft]
* [https://otr.cypherpunks.ca/Protocol-v3-4.0.0.html Off-the-Record Messaging Protocol version 3]
* [https://otr.cypherpunks.ca/Protocol-v2-3.1.0.html Off-the-Record Messaging Protocol version 2]

Latest revision as of 20:02, 9 March 2023

OTR is no longer recommended in the XMPP network as it has widely been replaced by OMEMO.

Off-the-Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm, the Diffie–Hellman key exchange, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides perfect forward secrecy and malleable encryption.

Strengths

OTR allows you to have private conversations over instant messaging by providing:

  • Encryption
    • No one else can read your instant messages.
  • Authentication
    • You are assured the correspondent is who you think it is.
  • Deniability
    • The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
  • Perfect forward secrecy
    • If you lose control of your private keys, no previous conversation is compromised.

Client support

Native

Plugin

External links