What is off-the-record messaging (OTR)?

Tips & tricks
7 mins
OTR

For journalists, the ability to protect a source is vital to successfully communicating with valuable people. For sources, the stakes are even higher: their security and liberty depend on not being identified as the source of a story.

The mere revelation that somebody inside a corporation or governmental organization talked to a reporter can be as damaging as the contents of the conversation itself.

Imagine this: After receiving an anonymous tip-off, a major news publication breaks a story about a big oil company covering up an accident. The day after the story breaks, the corporation learns that an employee recently exchanged encrypted information with someone from the news company. The corporation immediately fires the leak, ending their career, and threatens the leak with a big fat lawsuit.

Off-the-record communications prevent this from happening.

Read more: Whistleblowing guide: How to protect your sources?

Off-the-record communications protects sources

“Off-the-record” (OTR) as a term in journalism refers to information from sources that officially doesn’t exist, or conversations that “didn’t happen.” This information can but doesn’t have to come from sources known to the journalist, taking the form of anything from an anonymous tip-off to information from a long-trusted source.

While many respectable news organizations have a policy not to publish information shared off the record, this information can still can play a critical role in pointing journalists in the right direction, or helping journalists find citable sources with the same information.

Let’s take a look at OTR messaging and how it works.

Read more: The best messaging apps for privacy and security in 2021

OTR uses forward secrecy

To understand the features of OTR, let’s first look at Pretty Good Privacy (PGP), which predates OTR by over 10 years. PGP is encryption software in which the sender and the recipient create a pair of encryption keys that they use to encrypt messages and data. It is popular for emails and file transfers and also allows users to sign data with a static public key to prove their authenticity. This key is often publicized on the owner’s website or on directories, and can be used for a long time by its owner.

While encryption software like PGP is effective at keeping the contents of communicated data secret, it has a few drawbacks when it comes to staying in touch with your sources. If your encryption key is exposed, an attacker can decrypt all your previous conversations if they have intercepted and recorded the encrypted messages.

OTR protects your messages from being decrypted by practicing “perfect forward secrecy.”

Forward secrecy means you have secrecy today even if your key gets compromised in the future. OTR provides forward secrecy by using a different key for each session, which isn’t stored after the session is over.

The downside to having different keys for each session is that you can’t retrieve your history without logging it in clear text, which could compromise you later on. Furthermore, there is no way of knowing if the other party is logging you, but you wouldn’t have revealed your identity or valuable information to them if you didn’t trust them to begin with, right?

OTR provides deniable authentication and encryption

Deniable authentication

In PGP, you can use the static key to sign any kind of data or text. This signature authenticates you without doubt and shows you created or approve of certain messages. But since this signature is visible to any observer, it can reveal the identities of the two communicating parties.

OTR practices deniable authentication. This means it’s impossible for an eavesdropper to tell solely from the encrypted messages who is communicating with whom. Only the participants get information about one another’s identities in the form of a fingerprint.

To verify each other’s identities and make sure nobody is performing a man-in-the-middle attack, you can publicize your fingerprints or exchange them through an alternative channel, for example in person or on your social media profiles. This fingerprint exchange is an important feature that makes OTR significantly more anonymous than PGP.

Deniable encryption

Similarly to authentication, PGP allows an observer or eavesdropper to see which private key unlocks an encrypted file. Even if the attacker cannot get hold of this private key, they know who possesses it and can put pressure onto a victim or suspect of a crime to decrypt the file.

In OTR, it’s impossible to see who holds the key to an encrypted conversation. Moreover, it’s possible that the key was destroyed immediately after the conversation took place. This is called deniable encryption.

While both deniable authentication and encryption may be assuring or even important in some contexts, there are other ways to link back the keys of two parties to their real identities, like through the chat channels, accounts, and IP addresses used in a conversation.

Read on to find out how to safeguard your anonymity when you use OTR communication.

Basic requirements for OTR

In theory, using OTR is similar to PGP, but you don’t have to worry about manually creating, publishing, and sharing keys, or worrying about their expiration dates. Here are the basic steps for using OTR.

  1. Install the OTR software. As OTR is restricted to chats, it comes bundled with a variety of chat software, most notably Pidgin (Windows, Linux), Adium (Mac OS X), Chat Secure (iOS, Android), and Tor Messenger (cross-platform, still in beta).
  2. Set up a chat account compatible with these messenger clients. The account must at least support protocols like jabber/xmpp, an open and decentralized system that functions similarly to email. Most Gmail or Google Apps accounts also function as jabber accounts—at no extra cost. There are also plenty of services that allow you to register a jabber account freely and anonymously.
  3. Add your contacts as ‘buddies’ to chat with them. Enter their jabber address, which looks similar to or is identical to their email address.
  4. To initiate an OTR message, click on ‘start private conversation’ or click on a lock symbol, depending on the software you are using.
  5. To verify your buddy’s identity, share your fingerprint with each other. You can see your fingerprint by clicking on ‘manual verification’ in your chat window. If you have already established a verified encrypted channel, you could verify each other through that. You can also list your fingerprint on your website or social media.

How to maintain anonymity on OTR

While the OTR protocol itself is quite amazing in protecting your privacy and anonymity, it’s less powerful if you use a channel that can be linked back to your real identity. Having cryptographic deniability is great in theory, but it defeats the purpose if you are communicating through your work Google Apps account, where your employer, Google, and presumably the government can see who you are messaging. Often that’s sufficient for them to draw conclusions about the identities of your source and collaborators.

Here’s how to stay anonymous when you use OTR.

Step 1: Use multiple accounts

The first step to enhance your privacy is to use multiple accounts and be conscious of who you add on which account. You can go so far as creating a new account for each of your contacts. To evade correlation analysis of when and where you log in from, you can register these accounts on various servers and services.

Step 2: Connect to OTR over VPN or Tor

The second step is to always connect to these chat accounts through a VPN or even Tor, especially when you’re signing up. Logging in just once from your home or work IP address is enough to compromise you.

Step 3: Verify the recipient’s identity

The last step is the most tiring one: to verify the identity of the recipient. This is especially important to ensure that no third party is intercepting the exchange in the middle, substituting your contact’s OTR keys for theirs. Your connection will look secure and encrypted to you, but actually may not be until you verify the keys.

To verify the identity of your recipient reliably, a good practice is to broadcast your fingerprint through a trusted channel such as your business card, website or social media account. (You can find your fingerprint under “settings” or “manually verify”.)

How to stay anonymous when sharing files

While the jabber protocol and many clients theoretically allow for the sharing of files or attachments, it rarely works and does not use encryption.

To share files, ExpressVPN recommends Onionshare, a P2P file sharing service built through Tor. That way neither party can identify the other easily through their IP address, and the file is encrypted in transit.

As with any downloads, be aware that files may contain malicious code that could de-anonymize you. Your best bet is to disconnect from the internet before opening the files, or to open the files inside a virtual machine.

Be careful of clicking any kinds of links, especially shortened ones, as they may contain tracking codes that make you identifiable to the other party. If you must open suspicious links, only open them inside the Tor browser.

Click here to learn how to set up an anonymous Jabber account with OTR encryption.

Phone protected by ExpressVPN.
Privacy should be a choice. Choose ExpressVPN.

30-day money-back guarantee

Various devices protected.
Take the first step to protect yourself online. Try ExpressVPN risk-free.
What is a VPN?
Lexie is the blog's resident tech expert and gets excited about empowerment through technology, space travel, and pancakes with blueberries.