[OTR-dev] Protocol Analysis
Ian Goldberg
ian at cypherpunks.ca
Thu Jan 19 16:17:20 EST 2006
On Thu, Jan 19, 2006 at 12:55:44PM -0800, Andrew S. Morrison wrote:
> Myself and a partner are considering doing a formal security analysis of
> OTR over the next 3 months as part of a security protocols course at
> Stanford University.
>
> We will be modeling the system and using a formal analysis system such as
> Murphi or PRISM to analyze the OTR protocol. Does anyone on the list know
> if such a thing has been done previously? If so, are there any papers from
> the analysis that I could read? Also, would anyone be willing to talk with
> me for a few minutes about OTR and some of the design decisions?
Very cool. There was a paper in the last WPES analysing the previous
OTR protocol, which is what caused the protocol to change. ;-) It
wasn't a formal analysis, though.
I'd certainly be happy to talk with you; email <otr at cypherpunks.ca>,
and we can do it off-list. [This week's a little busy for me, though.]
- Ian
More information about the OTR-dev
mailing list