OTRv4 is the newest version of the Off-The-Record protocol. It is a protocol where the newest academic research intertwines with the real-world implementations. This newest version is one where we are asked to revisit our definitions around deniability (online and offline) and how important they are to the world. It is also one where we must ask ourselves around how usable a protocol has to be in order to be used by real-world people. In this talk we will try to start a discussion around the importance of deniable secure communication, how it integrates with the whole security of a system, and how a user will need it for their normal activities.
As we know from past revelations, the Internet has become a place where any action is surveilled and recorded. In the light of this, the OTR protocol was created. But it was created long time ago. In the past years, there have been a increased work on cryptographic primitives, privacy and security notions, and how to incorporate them in a usable way. But these thoughts have not been incorporated yet into projects. OTRv4 is the newest version of the Off-The-Record protocol, which tries to incorporate these new ideas. In this talk, we will give an overview around why deniability matters, how it can be incorporated into protocols, how it is used by real-world people, and how to create a protocol that cares about its users.
