Library.md

OTRv4 Library

Secure messaging

Mapping of different properties

• SoK: Secure Messaging by Nik Unger, Sergej Dechand, Joseph Bonneau, Sascha Fahl, Henning Perl, Ian Goldberg and Matthew Smith

Where does OTR come from

• Off-the-Record Communication, or, Why Not To Use PGP by Nikita Borisov, Ian Goldberg and Eric Brewer

OTRv4 papers

• Improved User Authentication in Off-The-Record Messaging
• Finite-State Security Analysis of OTR Version 2 by Joseph Bonneau and Andrew Morrison
• No evidence of communication: Off-The-Record Protocol version 4 by Sofía Celi and Ola Bini.

Different OTRv4 talks

• "No evidence of communication: Off-The-Record Protocol version 4" at PETS2018, Barcelona, Spain. The presentation was made by Sofía Celi and Ola Bini. The video can be found here.
• "No evidence of communication: OTRv4 (Off-the-Record) v4" at the Privacy Enhancements and Assessments Proposed Research Group (PEARG) from IETF. The presentation was made by Sofía Celi and Jurre van Bergen.
• "No evidence of communication and morality in protocols: Off-the-Record protocol version 4", at the 35th Chaos Computer Congress (35c3), Leipzig, Germany. The presentation was made by Sofía Celi and Jurre van Bergen. The video can be found here.
• "No evidence of communication and implementing a protocol: Off-the-Record protocol version 4" at FOSDEM 2018, Brussels, Belgium. The presentation was made by Sofía Celi and Ola Bini. The video can be found here.
• "Clang tools for implementing cryptographic protocols like OTRv4" at Euro Developers meeting 2018, Brussels, Belgium. The presentation was made by Sofía Celi. The talk can be found here.
• "A case around secure messaging: OTRv4" at the Computer Security and Industrial Cryptography (COSIC) from the Katholieke Universiteit Leuven, Leuven, Belgium. The presentation was made by Sofía Celi. The video can be found here.

Deniability

What it means

• Deniable Authentication on the Internet by Yevgeniy Dodis
• Deniable Encryption by Ran Canetti, Cynthia Dwork, Moni Naor and Rafail Ostrovsky
• Simplifying OTR deniability by Moxie Marlinspike
• Deniable Ring Authentication by Moni Naor
• Deniable Authentication and Key Exchange by Mario Di Raimondo, Rosario Gennaro, and Hugo Krawczyk
• Enhanced Security Models for Network Protocols by Shabsi Walfish

History

• Notions of Deniable Message Authentication by Marc Fischlin and Sogol Mazaheri
• [Non-Malleable Cryptography] by Danny Dolev, Cynthia Dwork and Moni Naor
• Concurrent Zero-Knowledge by Cynthia Dwork, Moni Naor, and Amit Sahai

Types

• Composability and On-Line Deniability of Authentication by Yevgeniy Dodis, Jonathan Katz, Adam Smith, and Shabsi Walfish
• Deniable Key Exchanges for Secure Messaging by Nik Unger and Ian Goldberg.
• Improved Strongly Deniable Authenticated Key Exchanges for Secure Messaging by Nik Unger and Ian Goldber.
• Deniable Key Exchanges for Secure Messaging by Nik Unger, Master Thesis

Value

• Value of deniability

Secrecy

Forward Secrecy

Post-compromise Secrecy

UX work

by Chris Alexander and Ian Goldberg

• Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0
• A User Study of Off-the-Record Messaging by Ryan Stedman, Kayo Yoshida and Ian Goldberg

Other protocols

• The Double Ratchet: Security Notions, Proofs, and Modularization for the Signal Protocol by Joel Alwen, Sandro Coretti, and Yevgeniy Dodis.