[messaging] Value of deniability

Nadim Kobeissi nadim at nadim.computer
Wed Dec 10 12:23:46 PST 2014


Deniability is a fictitious property that has, to my knowledge, never had
any bearing on a real-world case amounting to more than overblown
mentions-in-passing.

Considering that the vast majority of problems in cryptography software
today stem from errors in software implementation, and not from the lack of
miscellaneous and academic properties such as deniability, I'd consider that
engineers focusing on deniability instead of proven-secure software
implementations don't exactly know what's salient when it comes to pushing
software.

(My tone is harsher than usual; this is because I can't believe people still
bother wasting time on deniability when we have problems implementing
confidentiality and authentication correctly - far more basic properties.)

NK

-----Original Message-----
From: Messaging [mailto:messaging-bounces at moderncrypto.org] On Behalf Of
Jacob Appelbaum
Sent: December 10, 2014 2:57 PM
To: messaging
Subject: Re: [messaging] Value of deniability

On 12/10/14, Eleanor Saitta <ella at dymaxion.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 2014.12.10 13.56, Mike Hearn wrote:
>> I would like to hear opinions on the value of deniability in OTR like
>> protocols.
>>
>> From a privacy perspective the rationale is fairly clear.
>
> Has anyone ever seen a case where cryptographic deniability was
> accepted by a judge?  As far as I can tell, its legal value is a
> fiction from the cryptographic community.
>

Yes, I think so. The lack of signatures ensures that a text log is just that
- a text file without cryptographic assurances. It is subject to tampering.
If I recall correctly, this issue came up a bit in Anakata's recent trials.

Furthermore, the inverse is accepted routinely - digital signature laws in
some US states. Washington State in the United States seems to be an
example. If you have a PGP signed email, I'd expect some binding laws to
apply for statements made in the signed portion of the text.
Without a signature, I don't think it will fall under the same digital signature
statutes.

Repudiation and non-repudiation are real properties that have
contextual value.

All the best,
Jacob