ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Off-the-record communication, or, why not to use PGP
Full text PdfPdf (155 KB)
Source Workshop On Privacy In The Electronic Society archive
Proceedings of the 2004 ACM workshop on Privacy in the electronic society table of contents
Washington DC, USA
SESSION: Communication privacy table of contents
Pages: 77 - 84  
Year of Publication: 2004
ISBN:1-58113-968-3
Authors
Nikita Borisov  University of California at Berkeley
Ian Goldberg  Zero-Knowledge Systems
Eric Brewer  University of California at Berkeley
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 16,   Downloads (12 Months): 109,   Citation Count: 8
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1029179.1029200
What is a DOI?

ABSTRACT

Quite often on the Internet, cryptography is used to protect private, personal communications. However, most commonly, systems such as PGP are used, which use long-lived encryption keys (subject to compromise) for confidentiality, and digital signatures (which provide strong, and in some jurisdictions, legal, proof of authorship) for authenticity.

In this paper, we argue that most social communications online should have just the opposite of the above two properties; namely, they should have <i>perfect forward secrecy</i> and <i>repudiability</i>. We present a protocol for secure online communication, called "off-the-record messaging", which has properties better-suited for casual conversation than do systems like PGP or S/MIME. We also present an implementation of off-the-record messaging as a plugin to the Linux GAIM instant messaging client. Finally, we discuss how to achieve similar privacy for high-latency communications such as email.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Martín Abadi. Private authentication. In Privacy Enhancing Technologies Workshop, 2002.
 
2
Inc. America Online. Aim personal certificates. http://enterprise.aim.com/products/aim/personalcerts.
 
3
America Online, Inc. AOL Instant Messenger. http://www.aim.com/.
 
4
Editor B. Ramsdell. S/MIME version 3 message specification. RFC2633, June 1999.
 
5
I. Brown, A. Back, and B. Laurie. Forward secrecy extensions for OpenPGP. Internet Draft, October 2001.
 
6
J. Callas, L. Donnerhacke, H. Finney, and R. Thayer. OpenPGP message format. RFC2440, November 1998.
 
7
Ran Canetti , Hugo Krawczyk, Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels, Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, p.453-474, May 06-10, 2001
 
8
Giovanni Di Crescenzo, Niels Ferguson, Russell Impagliazzo, and Markus Jakobsson. How to Forget a Secret. In STACS 99, Lecture Notes in Computer Science 1563, pages 500--509. Springer-Verlag, 1999.
 
9
T. Dierks and C. Allen. The TLS protocol version 1.0. RFC2246, January 1999.
 
10
W. Diffie and M. Hellman. New Directions in Cryptography. In IEEE Transactions on Information Theory, pages 74--84, June 1977.
 
11
M. Dworkin. Recommendation for block cipher modes of operation: Methods and techniques. NIST Special Publication 800-38A, December 2001.
 
12
Electronic Privacy Information Center. United States v. Scarfo (Key-Logger Case). http://www.epic.org/crypto/scarfo.html.
 
13
Free Software Foundation. libgcrypt. http://directory.fsf.org/security/libgcrypt.html.
 
14
gaim-e project. gaim-e encryption plugin. http://gaim-e.sourceforge.net/.
 
15
Christoph G. Günther, An identity-based key-exchange protocol, Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology, p.29-37, November 1990, Houthalen, Belgium
 
16
ICQ, Inc. ICQ.com. http://www.icq.com/.
 
17
H. Krawczyk, M. Bellare, and R. Canetti. HMAC: Keyed-hashing for message authentication. RFC2104, February 1997.
 
18
H. Krawczyk, SKEME: a versatile secure key exchange mechanism for Internet, Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96), p.114, February 22-23, 1996
 
19
Lance Cottrell, Pr0duct Cypher, Hal Finney, Ian Goldberg, Ben Laurie, Colin Plumb, or Eric Young7 Signing as one member of a set of keys. http://www.abditum.com/ringsig/.
 
20
Microsoft Corporation. .NET Messenger Service. http://messenger.msn.com/.
21
Bonnie A. Nardi , Steve Whittaker , Erin Bradner, Interaction and outeraction: instant messaging in action, Proceedings of the 2000 ACM conference on Computer supported cooperative work, p.79-88, December 2000, Philadelphia, Pennsylvania, United States  [doi>10.1145/358916.358975]
 
22
National Institute of Standards and Technology. Secure hash standard (SHS). Federal Information Processing Standards Publication 180--1, April 1995.
 
23
National Institute of Standards and Technology. Announcing the advanced encryption standard (AES). Federal Information Processing Standards Publication 197, November 2001.
 
24
National Institute of Standards and Technology. Digital signature standard (DSS). Federal Information Processing Standards Publication 186--2, October 2001.
 
25
OpenBSD Project. OpenSSH. http://openssh.com/.
 
26
H. Orman. The OAKLEY key determination protocol. RFC2412, November 1998.
 
27
Adrian Perrig , J. D. Tygar , Dawn Song , Ran Canetti, Efficient Authentication and Signing of Multicast Streams over Lossy Channels, Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.56, May 14-17, 2000
 
28
Reuters. FBI confirms "Magic Lantern" exists. http://news.com.com/2102-1001-276976.html, 12 December 2001.
29
R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]
 
30
Ronald L. Rivest , Adi Shamir , Yael Tauman, How to Leak a Secret, Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, p.552-565, December 09-13, 2001
 
31
Cerulean Studios. Trillian. http://www.trillian.cc/products/.
 
32
T. Ylonen. SSH - secure login connections over the Internet. In 6th USENIX Security Symposium, pages 37--42, San Jose, CA, July 1996.
 
33
Philip R. Zimmermann, The official PGP user's guide, MIT Press, Cambridge, MA, 1995

CITED BY  8
Mohammad Mannan , Paul C. van Oorschot, On instant messaging worms, analysis and countermeasures, Proceedings of the 2005 ACM workshop on Rapid malcode, November 11-11, 2005, Fairfax, VA, USA
Mario Di Raimondo , Rosario Gennaro , Hugo Krawczyk, Secure off-the-record messaging, Proceedings of the 2005 ACM workshop on Privacy in the electronic society, November 07-07, 2005, Alexandria, VA, USA
Sharad Agarwal , Venkata N. Padmanabhan , Dilip A. Joseph, Addressing email loss with SureMail: measurement, design, and evaluation, 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference, p.1-14, June 17-22, 2007, Santa Clara, CA
Mario Di Raimondo , Rosario Gennaro , Hugo Krawczyk, Deniable authentication and key exchange, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Mohammad Mannan , Paul C. van Oorschot, Privacy-enhanced sharing of personal content on the web, Proceeding of the 17th international conference on World Wide Web, April 21-25, 2008, Beijing, China
Chris Alexander , Ian Goldberg, Improved user authentication in off-the-record messaging, Proceedings of the 2007 ACM workshop on Privacy in electronic society, October 29-29, 2007, Alexandria, Virginia, USA
Ryan Stedman , Kayo Yoshida , Ian Goldberg, A user study of off-the-record messaging, Proceedings of the 4th symposium on Usable privacy and security, July 23-25, 2008, Pittsburgh, Pennsylvania
Wayne Liu , Sudhir Aggarwal , Zhenhai Duan, Incorporating accountability into internet email, Proceedings of the 2009 ACM symposium on Applied Computing, March 08-12, 2009, Honolulu, Hawaii

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.1 Public Policy Issues
          Subjects: Privacy

Additional Classification:
  E. Data
  E.3 DATA ENCRYPTION

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication


General Terms:
Security


Keywords:
deniability, perfect forward secrecy, private communication

Collaborative Colleagues:
Nikita Borisov: colleagues
Ian Goldberg: colleagues
Eric Brewer: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player