[messaging] Value of deniability
sam at samlanning.com
Fri Dec 19 01:52:51 PST 2014
But the person you're communicating with can always disclose their copies
of their logs. So logs off does not provide 2?
Additionally, if you're concern is your own logs, then just encrypt your
HDD. If the problem is bigger (i.e. you have malware) then the malware can
subvert this log obfuscation anyway...
On 19 Dec 2014 09:35, "Alex Kropivny" <alex.kropivny at gmail.com> wrote:
> As entertaining and awesome as this discussion has been, it does seen that
> there are two goals lying on opposite sides of the status quo of plain text
> evidence. Any weird crypto stuff (network logs + long term keys?) added to
> the plain text evidence can have two properties:
> 1. Signature deniability, to not provide more evidence than status quo.
> 2. Plaintext deniability, to provide less evidence than status quo.
> 2 is stronger than 1.
> OTR tries to give 1.
> IANAL, but technology is witchcraft so 1 is probably the case in courts
> for now, regardless of whether it's OTR or cryptocat. Maybe that will
> change in the future?
> Logs off by default gives 2.
> Mixing messages with Markov chain garbage ala @thegrgq_ebooks and using a
> covert channel in nonces (with an ephemeral key) to hide the garbage in
> conversations but not long term logs gives some 2.
> Giving remote parties an easy to use API to write to your logs as you
> gives 2, but also gives remote parties the chance to wire illegal material
> to your logs.
> Dumping logs to a public key with the private key protected by a separate
> password gives 2, and is less extreme than no logs at all.
> This doesn't feel groundbreaking or exciting the way forward secrecy, or
> short public keys, or password-based private key derivation feel.
> Does anyone see a cool possibility I don't?
> On December 18, 2014 3:56:57 PM PST, Sam Lanning <sam at samlanning.com>
> >For those that are interested, I wrote a summary blog post on this
> >Feedback would be welcomed. =)
> >Messaging mailing list
> >Messaging at moderncrypto.org
> Messaging mailing list
> Messaging at moderncrypto.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging