[messaging] Deniable authenticated group messaging

Berkant Ustaoglu bustaoglu at uwaterloo.ca
Sat Apr 18 08:19:08 PDT 2015

Quoting Michael Rogers <michael at briarproject.org>:

> On 17/04/15 20:08, Trevor Perrin wrote:

>> IMO there's a useful notion something like "don't leave signed
>> messages around by default" and then stronger academic notions around
>> the idea of "interacting with Alice doesn't give Bob anything he
>> couldn't simulate", which are somewhat dubious (again, IMO) since once
>> you start considering that Bob is actively trying to defeat Alice's
>> deniability he could simply share his private key with the 3rd-party
>> judge and have the judge execute the protocol as him.
> "Don't leave signed messages around" is fine for now.

What is your opinion if I there are signed messages around but also the
private key with which the message was singed? Would that meet your notion
of deniability?



More information about the Messaging mailing list