|
|
|
|
|
|
by click170
5470 days ago
|
|
|
I don't like that OTR allows the person your talking with to deny that they said something they said. I'd rather have pgp signed/encrypted chat so I can prove who said what. I may be misunderstanding but I think OTR sends the encryption keys with the chat (to accomplish deniability), and while this means your text isn't transmitted in plaintext, it may as well be. Im open to being proven wrong though. |
|
|
The encryption keys are not sent with the chat, they're generated using DH key exchange. After a conversation is finished, others may forge messages to make them look like they came from you, but they cannot read the messages you originally sent. This gives you plausible deniability, which is what you want in most use cases (if you don't, then you're right that PGP is a better option).
The key exchange is susceptible to a man in the middle attack, which can be prevented by comparing fingerprints using a separate communication channel. Once compared, all future conversations should be impossible to intercept. If your private keys are ever found (a TSA official steals your laptop), they'll be unable to decrypt past conversations. Unless you've left conversation logging on in your chat client, of course.
I never thought much about using OTR until i logged into GMail and discovered reams and reams of OTR conversations stored in the chat logs. I never used the GMail Chat client, and this was a real eye-opener for me. Had I not been using OTR, Google would have stored a couple of years worth of conversations between my friends and kept them forever.
By the way, ZFone / ZRTP (http://zfoneproject.com/) is a protocol using similar ideas, but for VoIP calls.