Off-the-Record (OTR) Messaging [$1,000]

[wanderer]

There is a $1,000 open bounty on this issue. Add to the bounty at Bountysource.

[charlieman]

You mean beyond https?

[wanderer]

it would be nice if it has some OTR for direct messaging

[sampaiodiego]

the idea of OTR implies in not saving the message on db?

[engelgabriel]

Off-the-Record (OTR) Messaging

Allows you to have private conversations over instant messaging by providing:

Encryption

No one else can read your instant messages.

Authentication

You are assured the correspondent is who you think it is.

Deniability

The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.

Perfect forward secrecy

If you lose control of your private keys, no previous conversation is compromised.

[kumavis]

I don't know if this implementation has been audited or not but https://github.com/arlolra/otr

[Calinou]

Warning

This library hasn't been properly vetted by security researchers. Do not use in life and death situations!

[kumavis]

And further reading on the state of otr arlolra/otr#59

[comigor]

I think otr is the best option we have, audited or not, cryptocat uses it.

As said on arlolra/otr#59, pointed by @kumavis, just few other implementations are available, and otr4-em and node-otr4 aren't well compatible with Meteor, because we can't use client-side node packages.

[comigor]

It's indeed very easy to implement OTR using arlolra/otr.
Just made a simple PoC Igor1201/otr.

[engelgabriel]

Looks like this feature has more people interested than I expected. I'll raise its priority. 👍

[engelgabriel]

Can any of you guys do a Pull Request or create a fork with a proposed implementation?

[engelgabriel]

Hi @Igor1201 can we work together to get your PoC to work on Rocket.Chat?

[engelgabriel]

See #268

[taoeffect]

Problem with OTR is that it only works while both users are online.

I recommend using Axolotl instead, developed by Open WhisperSystems of TextSecure/Signal fame. It's like OTR but it supports secure asynchronous messaging, which is important because it's rare that everyone is online all the time. :)

There are lots of Axolotl libraries out there, available for both iOS, Android, and Web.

• https://github.com/WhisperSystems/Signal-iOS
• https://github.com/WhisperSystems/TextSecure-Browser/tree/libaxolotl/
• https://github.com/WhisperSystems/TextSecure
• https://github.com/joebandenburg/libaxolotl-javascript
• https://github.com/joebandenburg/libaxolotl-crypto-web

[kdar]

I agree with @taoeffect. OTR isn't optimal here.

[taoeffect]

FYI, this feature, regardless of how you implement it, really only makes sense for DMs (for now). Encrypting group conversations is extremely difficult, and with today's tech it would result in most of the other features of RocketChat having to be removed (like search).

[ccoenen]

@mitar is the paper you mentioned available somewhere? You mentioned it being in review a year ago - and it sounds very interesting!

Also: Thanks for your very detailed descriptions.

[mitar]

Sadly, not. We had issues finding research novelty in that work. It was mostly engineering work, which is not what academic papers should be about, it seems. :-(

[tompinzler]

+1 for Olm Double Ratchet. It's certainly challenging to implement but would imho provide the most features (one-on-one and group conversations, partial forward secrecy etc.) and best user experience.

[napalm23zero]

Any news? Anything? Anyone?
I can see OTR option on my self-hosted Rocket.Chat, but not working.

[geekgonecrazy]

Make sure you are using https

[geekgonecrazy]

Our implementation of e2e encryption has a PR open: #10094

Would be great to get some feedback on that PR.

[PanderMusubi]

You can add this line at the top of the issue description, it will update itself

![badge](https://api.bountysource.com/badge/issue?issue_id=18684038)

and look like

[ghost]

Bounty still open?

[sscotth]

It is still listed on BountySource, but #10094 was released with v0.70.0. So I assume it has not been claimed yet. Either way this issue should be closed.

@mrinaldhar @geekgonecrazy @wanderer @jespow

[ccoenen]

Is that pull request really OTR, though? From the commits alone I can't tell. E2E and OTR are very different things.

[geekgonecrazy]

@RocketChat/core can someone address the concerns here.

Technically OTR has been in for a while. Now we have E2E encryptions with #10094

Does this issue need to stay open for some specific tasks for OTR? Maybe refactoring OTR to go on top of the e2e?

cc: @engelgabriel

[sscotth]

#36 (comment)

Off-the-Record (OTR) Messaging

Allows you to have private conversations over instant messaging by providing:

Encryption

No one else can read your instant messages.

Authentication

You are assured the correspondent is who you think it is.

Deniability

The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.

Perfect forward secrecy

If you lose control of your private keys, no previous conversation is compromised.

[sscotth]

@LemonAndroid I don't think the issuer is responsible for submitting the completion claim.

[Neustradamus]

Any news on it?

[gustavorps]

Bountysource decided to update their Terms of Service:

2.13 Bounty Time-Out.
If no Solution is accepted within two years after a Bounty is posted, then the Bounty will be withdrawn and the amount posted for the Bounty will be retained by Bountysource. For Bounties posted before June 30, 2018, the Backer may redeploy their Bounty to a new Issue by contacting support@bountysource.com before July 1, 2020. If the Backer does not redeploy their Bounty by the deadline, the Bounty will be withdrawn and the amount posted for the Bounty will be retained by Bountysource.

https://www.bountysource.com/issues/18684038-off-the-record-otr-messaging

[HLFH]

@gustavorps Withdrawn. https://twitter.com/Bountysource/status/1273406549252177920
But RocketChat needs to migrate to another bounty platform.