Slashdot Mirror

← Back to Stories (view on slashdot.org)

Plausible Deniability From Rockstar Cryptographers

Posted by CmdrTaco on from the because-you-can dept.

J. Karl Rove writes "Nikita Borisov and Ian Goldberg (of many, many other projects) have released Off the Record Messaging for Gaim. Encrypt an IM, prove (at the time) that it came from you, and deny it later. The authentication works only when the message is sent; anybody can forge all the messages he wants afterwards (toolkit included). Captured or archived messages prove nothing. And forward secrecy means Big Brother can't read your messages even if he wiretaps you AND grabs your computer later on. All the gooey goodness of crypto, with none of the consequences! They have a protocol spec, source code, and Debian and Fedora binaries."

4 of 358 comments (clear)

  1. Re:I wonder by Entrope · · Score: 5, Informative

    "Later" is after the speaker decides that conversation is over. You pick a signing key for your messages, sign it with your normal public key, send messages using the first key, and your correspondent can confirm you are who you claim. When you want to finish the conversation, you publish (at least to your correspondent) the temporary signing key, and anyone who has it can then forge messages that are as trustable as what you said.

  2. Big brother doesn't need proof by Anonymous Coward · · Score: 5, Insightful

    Sometimes Big Brother can 'prove' anything by force. Why do you think he's called Big? Small people need stuff like evidence, proof, and proper legal process. There are many recent examples of Big Brother having his way, proof and fact be damned.

  3. Deniable until they look at your swap partition by G4from128k · · Score: 5, Insightful

    If you create a message, chances are that fragments of the plain text will be in various caches and VM pages on your harddisk. It may not last for very long -- being overwritten by subsequent paging -- but if someone takes your computer soon after, they may find incriminating junk on the HD.

    --
    Two wrongs don't make a right, but three lefts do.
  4. Re:I wonder by roystgnr · · Score: 5, Interesting

    What stops your correspondent from sending your messages to something like Stamper before you publish the temporary key? After the temporary key is published it will be possible to forge messages signed by that key, but it won't be possible without the collaboration of the timestamping service to forge messages signed by that key and dated before it's publication.