Communicating Off-the-Record - a background
Before we investigate OTR, let's consider how we could encrypt our chat sessions. We
could use GPG for chat. We'd have to know the public key of our correspondent, and each
time we entered a message, the client would encrypt and/or sign it and send it along.
Some chat networks don't have an equivalent of an e-mail address, so finding and
verifying public keys could be awkward. However, you can certainly imagine a chat system
that worked this way; it's a slightly more synchronous version of GPG with e-mail.

Even if those technical problems are addressed, there is a bigger issue lurking in PGP's
design. Let's return to our friends Alice and Bob. Alice and Bob have been communicating
with GPG for quite some time now. They use GPG flawlessly and religiously practice the
best security hygiene. Until one day, when somebody gets hold of Bob's private key.
Now, there are several ways this could happen. Despite Bob's willpower, perhaps he just
couldn't resist clicking on the Watch cuTe kittys [sic] link and malware infected his
computer. Perhaps somebody stole his custom-made GPG key hardware token and guessed his
GPG passphrase. Regardless of how his private key was leaked, what matters is that now
somebody else has it.

Bob, vigilant GPG user that he is, immediately revokes his key, which informs the world
that the key is compromised. This warns others not to use that particular key and to use
a new key for future conversations. But let's not forget about Alice and the many
communiqués she exchanged with Bob. What's to make of Alice? This attacker, who has
Bob's private key, can decrypt the entire past communication between Alice and Bob. All
of it. All of a sudden, their conversation doesn't seem so private, as Ian Goldberg, the
designer of OTR, remarks about privacy in GPG communications.