research-article

Improved group off-the-record messaging

Authors:

Hong Liu,

Eugene Y. Vasserman,

Nicholas HopperAuthors Info & Claims

WPES '13: Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society

Pages 249 - 254

https://doi.org/10.1145/2517840.2517867

Published: 04 November 2013 Publication History

Get Access

Abstract

Off-the-Record Messaging (OTR) is an online analogy of face-to-face private chat -- messages are confidential and authenticated at the time of the conversation, but cannot later be used to prove authorship. The original OTR protocol is limited to two parties, and is extended by multi-party OTR (mpOTR) to the group chat setting. In doing this, mpOTR unintentionally weakens the security properties provided by its two-party predecessor. We propose an improved group OTR (GOTR)protocol that provides unconditional repudiability, and show how to obtain data origin authentication given this level of repudiability.

GOTR resists network failure, colluding and independent malicious insiders, and provides efficient and flexible membership management. We analyze the security properties and performance of GOTR, and present measurement results of a proof-of-concept implementation of GOTR.

References

[1]

J.-M. Bohli and R. Steinwandt. Deniable group key agreement. In Progress in Cryptology -- VIETCRYPT 2006, volume 4341 of Lecture Notes in Computer Science. 2006.

Digital Library

Google Scholar

[2]

N. Borisov, I. Goldberg, and E. Brewer. Off-the-record communication, or, why not to use PGP. In Proceedings of the ACM workshop on Privacy in the electronic society, WPES'04, 2004.

Digital Library

Google Scholar

[3]

M. Burmester and Y. Desmedt. A secure and efficient conference key distribution system. In Advances in Cryptology -- EUROCRYPT'94, volume 950 of Lecture Notes in Computer Science. 1995.

Google Scholar

[4]

M. Burmester and Y. Desmedt. A secure and scalable group key exchange system. Information Processing Letters, 94(3), 2005.

Digital Library

Google Scholar

[5]

M. Di Raimondo, R. Gennaro, and H. Krawczyk. Secure off-the-record messaging. In Proceedings of the ACM workshop on Privacy in the electronic society, WPES'05, 2005.

Digital Library

Google Scholar

[6]

M. Di Raimondo, R. Gennaro, and H. Krawczyk. Deniable authentication and key exchange. In Proceedings of the ACM conference on Computer and communications security, CCS'06, 2006.

Digital Library

Google Scholar

[7]

T. Diament, H. K. Lee, A. D. Keromytis, and M. Yung. The dual receiver cryptosystem and its applications. In Proceedings of the ACM conference on Computer and communications security, CCS'04, 2004.

Digital Library

Google Scholar

[8]

Y. Dodis, J. Katz, A. Smith, and S. Walfish. Composability and on-line deniability of authentication. In Proceedings of the Theory of Cryptography Conference on Theory of Cryptography, TCC'09, 2009.

Digital Library

Google Scholar

[9]

C. Dwork, M. Naor, and A. Sahai. Concurrent zero-knowledge. In Proceedings of the thirtieth annual ACM symposium on Theory of computing, STOC'98, 1998.

Digital Library

Google Scholar

[10]

I. Goldberg, B. Ustaouglu, M. D. Van Gundy, and H. Chen. Multi-party off-the-record messaging. In Proceedings of the ACM conference on Computer and communications security, CCS '09, 2009.

Digital Library

Google Scholar

[11]

J. Katz and M. Yung. Scalable protocols for authenticated group key exchange. J. Cryptol., 20(1), 2007.

Digital Library

Google Scholar

[12]

T. Kivinen and M. Kojo. More modular exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE). RFC 3526, 2003.

Digital Library

Google Scholar

[13]

H. Krawczyk. HMQV: A high-performance secure Diffie-Hellman protocol. In Advances in Cryptology -- CRYPTO 2005, volume 3621 of Lecture Notes in Computer Science. 2005.

Digital Library

Google Scholar

[14]

M. Mannan and P. van Oorschot. A protocol for secure public instant messaging. In Financial Cryptography and Data Security, volume 4107 of Lecture Notes in Computer Science. 2006.

Digital Library

Google Scholar

Cited By

View all

Hülsing AWeber F(2021)Epochal Signatures for Deniable Group Chats2021 IEEE Symposium on Security and Privacy (SP)10.1109/SP40001.2021.00058(1677-1695)Online publication date: May-2021
https://doi.org/10.1109/SP40001.2021.00058
Schliep MHopper NCavallaro LKinder JDomingo-Ferrer J(2019)End-to-End Secure Mobile Group Messaging with Conversation Integrity and DeniabilityProceedings of the 18th ACM Workshop on Privacy in the Electronic Society10.1145/3338498.3358644(55-73)Online publication date: 11-Nov-2019
https://dl.acm.org/doi/10.1145/3338498.3358644
Schliep MVasserman EHopper N(2018)Consistent Synchronous Group Off-The-Record Messaging with SYM-GOTRProceedings on Privacy Enhancing Technologies10.1515/popets-2018-00272018:3(181-202)Online publication date: 28-Apr-2018
https://doi.org/10.1515/popets-2018-0027
Show More Cited By

Index Terms

Improved group off-the-record messaging

Recommendations

Multi-party off-the-record messaging
CCS '09: Proceedings of the 16th ACM conference on Computer and communications security

Most cryptographic algorithms provide a means for secret and authentic communication. However, under many circumstances, the ability to repudiate messages or deny a conversation is no less important than secrecy and authenticity. For whistleblowers, ...
Revisiting Pairing Based Group Key Exchange
Financial Cryptography and Data Security

Secure communication within a large group of users such as participants in a phone or video conference relies on the availability of secure data and efficient data transmission. Group key exchange protocols allow a (large) group of <em>n</em>users to ...
Brief announcement: secret handshakes from CA-oblivious encryption
PODC '04: Proceedings of the twenty-third annual ACM symposium on Principles of distributed computing

Secret handshake protocols were recently introduced by Balfanz, et al. [1] to allow members of the same group to authenticate each other secretly, in the sense that someone who is not a group member cannot tell, by engaging in the handshake protocol, ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

WPES '13: Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society

November 2013

306 pages

ISBN:9781450324854

DOI:10.1145/2517840

General Chair:
Ahmad-Reza Sadeghi
TU-Darmstadt & Fraunhofer SIT & Intel ICRI-SC, Germany
,
Program Chair:
Sara Foresti
Università degli Studi di Milano, Italy

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'13

Sponsor:

SIGSAC

CCS'13: 2013 ACM SIGSAC Conference on Computer and Communications Security

November 4, 2013

Berlin, Germany

Acceptance Rates

WPES '13 Paper Acceptance Rate 30 of 103 submissions, 29%;

Overall Acceptance Rate 106 of 355 submissions, 30%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
175
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hülsing AWeber F(2021)Epochal Signatures for Deniable Group Chats2021 IEEE Symposium on Security and Privacy (SP)10.1109/SP40001.2021.00058(1677-1695)Online publication date: May-2021
https://doi.org/10.1109/SP40001.2021.00058
Schliep MHopper NCavallaro LKinder JDomingo-Ferrer J(2019)End-to-End Secure Mobile Group Messaging with Conversation Integrity and DeniabilityProceedings of the 18th ACM Workshop on Privacy in the Electronic Society10.1145/3338498.3358644(55-73)Online publication date: 11-Nov-2019
https://dl.acm.org/doi/10.1145/3338498.3358644
Schliep MVasserman EHopper N(2018)Consistent Synchronous Group Off-The-Record Messaging with SYM-GOTRProceedings on Privacy Enhancing Technologies10.1515/popets-2018-00272018:3(181-202)Online publication date: 28-Apr-2018
https://doi.org/10.1515/popets-2018-0027
Schliep MHopper NLie DMannan MBackes MWang X(2018)End-to-End Secure Mobile Group Messaging with Conversation Integrity and Minimal Metadata LeakageProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3278506(2282-2284)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3278506
Eugster PMarson GPoettering B(2018)A Cryptographic Look at Multi-party Channels2018 IEEE 31st Computer Security Foundations Symposium (CSF)10.1109/CSF.2018.00010(31-45)Online publication date: Jul-2018
https://doi.org/10.1109/CSF.2018.00010
Firoozjaei MLee SKim H(2018)O$$^2$$2TR: Offline Off-the-Record (OTR) MessagingInformation Security Applications10.1007/978-3-319-93563-8_6(61-71)Online publication date: 23-Jun-2018
https://doi.org/10.1007/978-3-319-93563-8_6
Abu-Salma RSasse MBonneau JDanilova ANaiakshina ASmith M(2017)Obstacles to the Adoption of Secure Communication Tools2017 IEEE Symposium on Security and Privacy (SP)10.1109/SP.2017.65(137-153)Online publication date: May-2017
https://doi.org/10.1109/SP.2017.65
Alkhulaiwi RSabur AAldughayem KAlmanna O(2016)Survey of secure anonymous peer to peer Instant Messaging protocols2016 14th Annual Conference on Privacy, Security and Trust (PST)10.1109/PST.2016.7906977(294-300)Online publication date: Dec-2016
https://doi.org/10.1109/PST.2016.7906977
Unger NDechand SBonneau JFahl SPerl HGoldberg ISmith M(2015)SoKProceedings of the 2015 IEEE Symposium on Security and Privacy10.1109/SP.2015.22(232-249)Online publication date: 17-May-2015
https://dl.acm.org/doi/10.1109/SP.2015.22

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Multi-party off-the-record messaging

Revisiting Pairing Based Group Key Exchange

Brief announcement: secret handshakes from CA-oblivious encryption