Abstract
Off-the-record (OTR) is a security protocol that can be used in privacy preserving instant messaging (IM) systems. However, the conventional OTR is not applicable in some practical scenarios (e.g., when communication network became disconnected) because OTR requires both parties to be online at the same time. To address this limitation, we extend the conventional OTR into a new protocol named offline OTR (O\(^2\)TR). O\(^2\)TR makes the conversation parties be able to handle an offline message even when a session connection is lost. To show the feasibility of the proposed protocol, we implemented a prototype to support O\(^2\)TR based on the Gajim XMMP instant messaging platform. Our experiments showed that O\(^2\)TR can reliably be used when a network party is broken down. Moreover, O\(^2\)TR provides an efficient session refreshment which is about \(34\%\) faster than the original OTR.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Borisov, N., Goldberg, I., Brewer, E.: Off-the-record communication, or, why not to use PGP. In: Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society, WPES 2004, pp. 77–84. ACM (2004)
Liu, H., Vasserman, E.Y., Hopper, N.: Improved group off-the-record messaging. In: Proceedings of the 12th ACM Workshop on Privacy in the Electronic Society, WPES 2013, pp. 249–254. ACM (2013)
Di Raimondo, M., Gennaro, R., Krawczyk, H.: Secure off-the-record messaging. In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, WPES 2005, pp. 81–89. ACM (2005)
Marlinspike, M.: Advanced cryptographic ratcheting. Open Whisper Systems (2013). https://whispersystems.org/blog/advanced-ratcheting/
Goldberg, I., Goulet, D., Bergen, J.V.: Off-the-record messaging protocol version 3. https://otr.cypherpunks.ca/Protocol-v3-4.1.1.html
Petullo, W.M., Zhang, X., Solworth, J.A., Bernstein, D.J., Lange, T.: MinimaLT: minimal-latency networking through better security. In: Proceedings of the 2013 ACM SIGSAC Conference on Compute, Communications Security, CCS 2013, pp. 425–438. ACM (2013)
Alexander, C., Goldberg, I.: Improved user authentication in off-the-record messaging. In: Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society, WPES 2007, pp. 41–47. ACM (2007)
Goldberg, I., Ustaoğlu, B., Van Gundy, M.D., Chen, H.: Multi-party off-the-record messaging. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 358–368. ACM (2009)
Frosch, T., Mainka, C., Bader, C., Bergsma, F., Schwenk, J., Holz, T.: How secure is textsecure? Cryptology ePrint Archive, Report 2014/904 (2014). http://eprint.iacr.org/2014/904
Acknowledgments
This work was supported in part by the IITP (No. B0717-16-0116), the ITRC (IITP-2017-2015-0-00403) and the MISP (R2215-16-1005). The authors would like to thank all the anonymous reviewers for their valuable feedback.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Firoozjaei, M.D., Lee, S.M., Kim, H. (2018). O\(^2\)TR: Offline Off-the-Record (OTR) Messaging. In: Kang, B., Kim, T. (eds) Information Security Applications. WISA 2017. Lecture Notes in Computer Science(), vol 10763. Springer, Cham. https://doi.org/10.1007/978-3-319-93563-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-93563-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93562-1
Online ISBN: 978-3-319-93563-8
eBook Packages: Computer ScienceComputer Science (R0)