Off-the-Record Messaging

Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing:

Encryption
No one else can read your instant messages.
Authentication
You are assured the correspondent is who you think it is.
Deniability
The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
Perfect forward secrecy
If you lose control of your private keys, no previous conversation is compromised.

Primary download: Win32 installer for pidgin-otr 3.2.0 [other downloads]

News

3 Oct 2009

java-otr 0.1.0 (finally!) released
This is for developers of Java applications that want to add support for OTR. End users do not require this package. Download it here.

15 Jun 2008

pidgin-otr-3.2.0 and libotr-3.2.0 released. Changes from 3.1.0:
  • The functionality of the OTR button has now moved to a menu. There's an "OTR" menu, as well as an icon showing the current OTR state of each active conversation in the window.
  • New OTR icons from <cyrus_xiii@yahoo.com>
  • OTR icons show up inline in the conversation window when the OTR status changes.
  • Buddy authentication has been revamped, based on the user study published in SOUPS 2008. The default is now to choose a question and an answer only you and the buddy should know. The question is displayed to the buddy, who is prompted for the answer. The "shared secret" and "fingerprint" authentication methods are still available.
  • Translations for Arabic, German, Russian, Hungarian

1 Aug 2007

pidgin-otr-3.1.0 and libotr-3.1.0 released. Changes from 3.0.0:
  • Translations for English, Dutch, Spanish, French, Slovak
  • Added option to not log OTR conversations
  • Large messages are now fragmented transparently instead of failing
  • Removed "view secure session id" and "verify fingerprint" options from the OTR button menu. Added "authenticate buddy" option in its place. This new option allows you to authenticate your buddies by entering some secret that only the two of you know, rather than by using a long user-unfriendly sequence of hex characters. [The old "verify fingerprint" dialog is still available via an "Advanced..." button from the new "authenticate buddy" dialog.]

8 Jun 2007

Version 0.5.2.0 of the third-party OTR plugin for the Miranda IM client is out.

7 Jun 2007

The 0.5.4 release of the mICQ command-line ICQ client now supports OTR!


More News...

Downloads

OTR library and toolkit

This is the portable OTR Messaging Library, as well as the toolkit to help you forge messages. You need this library in order to use the other OTR software on this page. [Note that some binary packages, particularly Windows, do not have a separate library package, but just include the library and toolkit in the packages below.] The current version is 3.2.0.

README

UPGRADING from version 3.0.0 or 3.1.0

Source code (3.2.0)
Compressed tarball (sig)
[Note that if you're compiling from source on win32, you may need to make this patch to libgcrypt-1.2.1.]

Java OTR library

This is the Java version of the OTR library. This is for developers of Java applications that want to add support for OTR. End users do not require this package. It's still early days, but you can download java-otr version 0.1.0.

OTR plugin for Pidgin (formerly known as gaim)

This is a plugin for Pidgin 2.x which implements Off-the-Record Messaging over any IM network Pidgin supports. The current version is 3.2.0.

README

Source code (3.2.0)
Compressed tarball (sig)
Windows (3.2.0)
Win32 installer for pidgin 2.x (sig)

OTR localhost AIM proxy

Notice to Tiger iChat users: You need to be using OS X version 10.4.2 or later. Earlier versions have a bug that prevents iChat from connecting to an HTTP proxy.

This is a localhost proxy you can use with almost any AIM client in order to participate in Off-the-Record conversations. The current version is 0.3.1, which means it's still a long way from done. Read the README file carefully. Some things it's still missing:

But it should work for most people. Please send feedback to the otr-users mailing list, or to the dev team. You may need the above library packages.

README

Source code (0.3.1)
Compressed tarball (sig)
Windows (0.3.1)
Win32 installer (sig)
OS X (0.3.1)
OS X package

Mailing Lists

If you use OTR software, you should join at least the otr-announce mailing list, and possibly otr-users (for users of OTR software) or otr-dev (for developers of OTR software) as well.

Documentation

Installation and Setup Guides

Adium, Pidgin & OTR (auf Deutsch, by Christian Franke)
Miranda, Pidgin, Kopete & OTR (auf Deutsch, by Missi)
Adium X with OTR
OTR proxy on Mac OS X
pidgin-otr on gentoo (from "X")
gaim-otr on Debian unstable (from Adam Zimmerman)
gaim-otr on Windows (from Adam Zimmerman)
gaim-otr 3.0.0 on Ubuntu (from Adam Zimmerman). Note that Ubuntu breezy has gaim-otr 2.0.2 in it, and all you should have to do is "apt-get install gaim-otr".

We would greatly appreciate instructions and screenshots for other platforms!

About OTR

Here are some documents and papers describing OTR. The CodeCon presentation is quite useful to get started.

Frequently Asked Questions

What implementations of Off-the-Record Messaging are there?
Please see our OTR-enabled software page. The OTR functionality is separated into the Off-the-Record Messaging Library (libotr), which is an LGPL-licensed library that can be used to (hopefully) easily produce OTR plugins for other IM software, or for other applications entirely.
What is the license for the OTR software?
The Off-the-Record Messaging Library is licensed under version 2.1 of the GNU Lesser General Public License. The Off-the-Record Toolkit, the pidgin-otr plugin, and the OTR proxy are licensed under version 2 of the GNU General Public License.
How is this different from the pidgin-encryption plugin?
The pidgin-encryption plugin provides encryption and authentication, but not deniability or perfect forward secrecy. If an attacker or a virus gets access to your machine, all of your past pidgin-encryption conversations are retroactively compromised. Further, since all of the messages are digitally signed, there is difficult-to-deny proof that you said what you did: not what we want for a supposedly private conversation!
How is this different from Trillian's SecureIM?
SecureIM doesn't provide any kind of authentication at all! You really have no idea (in any kind of secure way) to whom you're speaking, or if there is a "man in the middle" reading all of your messages.
How is this different from SILC?
SILC uses a completely separate network of servers and underlying network protocol. In some environments, such as firewalled or corporate setups, where a local proprietary IM protocol may be in use, SILC may not be available. Further, in its normal mode of operation, all SILC messages are shared with the SILC servers; if you want to send messages that can only be read by the person with whom you're communicating, you need to either (1) arrange a pre-shared secret in advance (which hampers perfect forward secrecy), or (2) be able to do a direct peer-to-peer connection to the other person's client, in order to do a key agreement (which may not be possible in a NAT or firewall situation).

Is your question not here? Ask on the otr-users mailing list!