User Commands otrparse(1)
NAME
otrparse, otrsesskeys, otrmackey, otrreadforge,
otrmodify, otrremac - process Off-the-Record Messaging
transcripts
SYNOPSIS
otrparse
otrsesskeys ourprivkey theirpubkey
otrmackey aesenckey
otrreadforge aesenckey [newmsg]
otrmodify mackey oldtext newtext offset
otrremac mackey flags sndkeyd rcvkeyd pubkey counter enc-
data revealedmackeys
DESCRIPTION
Off-the-Record (OTR) Messaging allows you to have private
conversations over IM by providing:
]o Encryption
]o No one else can read your instant messages.
]o Authentication
]o You are assured the correspondent is who you think it
is.
]o Deniability
]o The messages you send do not have digital signatures
that are checkable by a third party. Anyone can forge
messages after a conversation to make them look like
they came from you. However, during a conversation,
your correspondent is assured the messages he sees are
authentic and unmodified.
]o Perfect forward secrecy
]o If you lose control of your private keys, no previous
conversation is compromised.
The OTR Toolkit is useful for analyzing and/or forging OTR
messages. Why do we offer this? Primarily, to make abso-
lutely sure that transcripts of OTR conversations are really
easy to forge after the fact. [Note that during an OTR
conversation, messages can not be forged without real-time
SunOS 5.11 Last change: 13 Nov 2007 1
User Commands otrparse(1)
access to the secret keys on the participants' computers,
and in that case, all security has already been lost.]
Easily-forgeable transcripts help us provide the "Deniabil-
ity" property: if someone claims you said something over
OTR, they will have no proof, as anyone at all can modify a
transcript to make it say whatever they like, and still have
all the verification come out correctly.
EXTENDED DESCRIPTION
The following commands are supported:
otrparse
Parse OTR messages given on stdin, showing the values of
all the fields in OTR protocol messages.
otrsesskeys ourprivkey theirpubkey
Shows our public key, the session id, two AES and two
MAC keys derived from the given Diffie-Hellman keys (one
private, one public).
otrmackey aesenckey
Shows the MAC key derived from the given AES key.
otrreadforge aesenckey [newmsg]
Decrypts an OTR Data message using the given AES key,
and displays the message. If newmsg is given, replace
the message with that one, encrypt and MAC it properly,
and output the resulting OTR Data Message. This works
even if the given key was not correct for the original
message, so as to enable complete forgeries.
otrmodifymackey oldtext newtext offset
Even if you can't read the data because you do not know
either the AES key or the Diffie-Hellman private key,
but you can make a good guess that the substring
"oldtext" appears at the given offset in the message,
replace the oldtext with the newtext (which must be of
the same length), recalculate the MAC with the given
mackey, and output the resulting Data message. Note
SunOS 5.11 Last change: 13 Nov 2007 2
User Commands otrparse(1)
that, even if you don't know any text in an existing
message, you can still forge messages of your choice
using the otrreadforge command, above.
otrremac mackey flags sndkeyid rcvkeyid pubkey counter
encdata revealedmackeys
Make a new OTR Data Message, with the given pieces (note
that the data part is already encrypted). MAC it with
the given mackey.
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Availability SUNWgnome-im-client
Interface stability Volatile
SEE ALSO
pidgin(1), attributes(5)
Off-the-Record Messaging, at http:/www.cypherpunks.ca/otr/
NOTES
Written by the OTR Dev team (otr@cypherpunks.ca). Updated by
Brian Cameron, Sun Microsystems Inc., 2007.
SunOS 5.11 Last change: 13 Nov 2007 3
|
