OTR proxy and Trillian

March 1, 2009 | By admin In General |

As promised a while ago I created an Installation and Setup Guide for OTR proxy and Trillian.

I quickly registered an AIM and an ICQ account, got myself the new 0.3.0 OTR proxy and 3.1 Trillian software and went on a;

Tech-Quest : OTR proxy 0.3.0 and Trillian 3.1 Basic (and Pro)

Overview

Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing:

  • Encryption No one else can read your instant messages.
  • Authentication You are assured the correspondent is who you think it is.
  • Deniability The messages you send do not have digital signatures that are checkable by a third party.
  • Anyone can forge messages after a conversation to make them look like they came from you.
  • However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
  • Perfect forward secrecy If you lose control of your private keys, no previous conversation is compromised.

1. Install OTR proxy

Get OTR proxy here. Verify the .exe with the signature.

After verifying it start the .exe and install it anywhere you like.

2. Start OTR proxy

If you did not start OTR Proxy at the last step while installing OTR Proxy you have to do that now.

Remember that you always should have OTR Proxy running before you start Trillian if you want to use

the IM protocols you configured to use the OTR Proxy.

(Howto configure Trillian to use OTR Proxy for AIM/ICQ will be explained in step 4

If you go to the preferences of OTR proxy;

You will notice that there are no fingerprints yet of your buddies.

Starting and Ending Private Conversations is something you can do here but usually you do that in your IM client (here Trillian).

You will also notice that there are none of -your- IM accounts available yet to generate keys for or view the fingerprint for authentication purposes.

3. Install Trillian

Get Trillian and just do the install the way you like it.

After that add the IM accounts you like to use, just remember that at the moment OTR Proxy only supports AIM and ICQ.

4. Configure Trillian

Start Trillian. Select in the upper left corner ‘Trillian’ and from the dropdown menu select ‘Trillian Preferences’.

Select ‘Advanced Preferences’.

Select ‘Proxy Server’.

This is how you configure your AIM environment in Trillian so it uses the OTR Proxy to talk to the outside.

This way OTR Proxy can encrypt your AIM conversations when it notice the other side is OTR

capable and leave other AIM conversations unencrypted when that buddy is not OTR capable. Almost magic ! :)

You will notice I configured both AIM and ICQ to use Socks5, please note that OTR Proxy also supports HTTPS and HTTP.

The prefered order for you to try this is :

  • Socks5 on port 1080
  • HTTPS on port 8080
  • HTTP on port 8080

These are in order of “simplicity of protocol”, which corresponds to “probability of correct implementation”.

This is how you configure your ICQ environment in Trillian so it uses the OTR Proxy to talk to the outside.

This way OTR Proxy can encrypt your ICQ conversations when it notice the other side is OTR capable

and leave other ICQ conversations unencrypted when that buddy is not OTR capable. Almost magic !


This screenshot to show you should -not- configure other protocols next to AIM and ICQ to use the OTR Proxy.

5. Howto Establish an OTR enabled IM session

This describes howto establish an OTR enabled IM session without going into the nitty gritty details.

If you like more details please read this and this.

I initiated an IM chat with a buddy by typing ‘ping’, you see with the left arrow that OTR Proxy ’sees’ this buddy.

As both sides were OTR capable I got the fingerprint of the buddy from the other side of the internet). (Right arrow.)

In the background OTR proxy on my side generated on the fly a fingerprint for my side and sent it to my buddy. (Not shown here).

The moment I acknowledge the fingerprint of the buddy on the other side the conversation

gets encrypted and the buddy moves to the Private Connections’ of OTR Proxy. (Left arrow.)

I also get one more popup window telling me that we have established and encrypted conversation. (Right arrow.)

This screenshot is to show you how the screen looks like after OTR Proxy did its work and the secure connection has been established.

Here you see how the buddy from the other side responds (with pong).

or more documentation please visit the OTR website

Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

Other Related Posts:

No Comments

Comments are closed.