TY - GEN
T1 - Off-the-record communication, or, why not to use PGP
AU - Borisov, Nikita
AU - Goldberg, Ian
AU - Brewer, Eric
N1 - Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2004
Y1 - 2004
N2 - Quite often on the Internet, cryptography is used to protect private, personal communications. However, most commonly, systems such as PGP are used, which use long-lived encryption keys (subject to compromise) for confidentiality, and digital signatures (which provide strong, and in some jurisdictions, legal, proof of authorship) for authenticity. In this paper, we argue that most social communications online should have just the opposite of the above two properties; namely, they should have perfect forward secrecy and repudiability. We present a protocol for secure online communication, called "off-the-record messaging", which has properties better-suited for casual conversation than do systems like PGP or S/MIME. We also present an implementation of off-the-record messaging as a plugin to the Linux GAIM instant messaging client. Finally, we discuss how to achieve similar privacy for high-latency communications such as email.
AB - Quite often on the Internet, cryptography is used to protect private, personal communications. However, most commonly, systems such as PGP are used, which use long-lived encryption keys (subject to compromise) for confidentiality, and digital signatures (which provide strong, and in some jurisdictions, legal, proof of authorship) for authenticity. In this paper, we argue that most social communications online should have just the opposite of the above two properties; namely, they should have perfect forward secrecy and repudiability. We present a protocol for secure online communication, called "off-the-record messaging", which has properties better-suited for casual conversation than do systems like PGP or S/MIME. We also present an implementation of off-the-record messaging as a plugin to the Linux GAIM instant messaging client. Finally, we discuss how to achieve similar privacy for high-latency communications such as email.
KW - Deniability
KW - Perfect Forward Secrecy
KW - Private Communication
UR - http://www.scopus.com/inward/record.url?scp=20444490057&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=20444490057&partnerID=8YFLogxK
U2 - 10.1145/1029179.1029200
DO - 10.1145/1029179.1029200
M3 - Conference contribution
AN - SCOPUS:20444490057
SN - 1581139683
SN - 9781581139686
T3 - WPES'04: Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society
SP - 77
EP - 84
BT - WPES'04
PB - Association for Computing Machinery
T2 - WPES'04: Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society
Y2 - 28 October 2004 through 28 October 2004
ER -