OTR

Version 6 (Adrian Georgescu, 09/13/2013 02:02 am)

1 3 Adrian Georgescu
h1. Blink OTR implementation
2 1 Adrian Georgescu
3 6 Adrian Georgescu
"Blink SIP client for SIP2SIP edition":http://download.sip2sip.info/ is a multimedia SIP client that supports chat sessions using MSRP protocol (RFC4975 http://tools.ietf.org/html/rfc4975).  The client is designed to work with SIP2SIP service that implements MSRP relay protocol for NAT traversal of SIP sessions with MSRP media like Instant Messaging chat sessions. 
4 2 Adrian Georgescu
5 6 Adrian Georgescu
On top of the MSRP media chat session, Blink implements the OTR protocol. 
6 1 Adrian Georgescu
7 3 Adrian Georgescu
h2. OTR Protocol
8 3 Adrian Georgescu
9 3 Adrian Georgescu
Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing:
10 3 Adrian Georgescu
11 1 Adrian Georgescu
h3. Encryption
12 1 Adrian Georgescu
13 1 Adrian Georgescu
No one else can read your instant messages.
14 1 Adrian Georgescu
15 1 Adrian Georgescu
h3. Authentication
16 3 Adrian Georgescu
17 1 Adrian Georgescu
You are assured the correspondent is who you think it is.
18 1 Adrian Georgescu
19 1 Adrian Georgescu
h3. Deniability
20 1 Adrian Georgescu
21 1 Adrian Georgescu
The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
22 1 Adrian Georgescu
23 1 Adrian Georgescu
h3. Perfect forward secrecy
24 1 Adrian Georgescu
25 1 Adrian Georgescu
If you lose control of your private keys, no previous conversation is compromised.
26 3 Adrian Georgescu
27 3 Adrian Georgescu
h2. Implementation
28 3 Adrian Georgescu
29 4 Adrian Georgescu
h3. User input
30 4 Adrian Georgescu
31 4 Adrian Georgescu
 * Chat window has the Encryption toolbar icon, encryption features for each session can be controlled by clicking on this toolbar item, a contextual menu appears
32 4 Adrian Georgescu
 * Verification of remote identity can be performed using SMP protocol
33 4 Adrian Georgescu
 * Each Blink contact can have encrypted related attributes saved (always use OTR, verification status and learned fingerprint)
34 4 Adrian Georgescu
35 4 Adrian Georgescu
h3. Notifications
36 4 Adrian Georgescu
37 4 Adrian Georgescu
When remote party has changed its encryption fingerprint several visual and audible clues appear:
38 4 Adrian Georgescu
39 4 Adrian Georgescu
 * Chat window system message is displayed
40 4 Adrian Georgescu
 * Voice synthesiser speaks
41 4 Adrian Georgescu
 * System notification (OSX >=10.8) 
42 4 Adrian Georgescu
 * Growl notification