[OTR-dev] mpOTR protocol phases and research questions

Jacob Appelbaum jacob at appelbaum.net
Fri Oct 25 16:52:40 EDT 2013


George Kadianakis:
> (PS, maybe one day courts will *have* to take deniability
> seriously. This might happen with time as technology gets even more
> important and even more deniability-related cases get investigated. Or
> it might happen if people try to *force* the courts to take
> deniability seriously by forging conversations of people that the
> courts want to protect. In any case, I wouldn't be surprised if
> deniability is never taken seriously for "important" cases like the
> one you cited.)
> 

Deniability is an important property. Any group chat protocol without
deniability is sure to be a disaster for some person at some point.

To make this discussion clearer I think two properties we specifically
need to discuss when we discuss deniability are repudiation and
non-repudiation[0].

Courts *do* take digital signatures seriously. In some US States,
digital signature laws make it a legally binding signature. With long
term identity keys, we see that

Thus if there is a chat protocol that uses signatures in a way that
ensures non-repudiation, I believe we have case law, as well as actual
digital signature law that makes such non-repudiation legally binding.

It also seems clear that it would be hard to explain that either or any
person in the chat could have forged it.

If signatures may be checked by a third party after the fact, especially
signatures that may only be produced by the person in question, those
signatures *will* be used against people. We know that something as lame
as text logs will be used against people - we should strive to ensure
that we don't cryptographically enhance the logs and make such a task easier.

With non-repudiation, transcripts and chat room fragmentation become a
serious social as well as a serious security problem.

Some multi-party chat protocols likely have this problem already and we
shouldn't encourage more protocols to have this flaw.

All the best,
Jacob

[0] https://en.wikipedia.org/wiki/Non-repudiation
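
The distinction the message draws, as an added example that is not part of the original post: a chat line authenticated with a signature can be checked later by a third party holding only the public key, while a line authenticated with a key both parties share could have been produced by either of them. The Lamport one-time signature (standing in for a long-term identity signature, since Python's standard library has no public-key signatures) and the shared-key HMAC are assumptions chosen for illustration, and the sample chat lines are constructed.

```python
import hashlib, hmac, os

def H(b):
    return hashlib.sha256(b).digest()

def digest_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signature: stand-in for an identity-key signature.
# A key pair must sign only one message.
def sig_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def sig_sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def sig_verify(pk, msg, sig):
    # Needs only the public key, so anyone can run this check later.
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][bit])
        for i, (s, bit) in enumerate(zip(sig, digest_bits(msg))))

def mac_tag(shared_key, msg):
    return hmac.new(shared_key, msg, hashlib.sha256).digest()

def mac_verify(shared_key, msg, tag):
    return hmac.compare_digest(mac_tag(shared_key, msg), tag)

def demo():
    sent = b"alice: meet at noon"            # constructed sample line
    never_sent = b"alice: meet at midnight"  # constructed line Alice never wrote
    sk, pk = sig_keygen()
    sig = sig_sign(sk, sent)
    shared = os.urandom(32)                  # known to both Alice and Bob
    return {
        # A third party with only pk confirms that Alice signed `sent`.
        "third_party_accepts_signature": sig_verify(pk, sent, sig),
        # Bob has no sk, so the signature cannot be made to fit other text.
        "signature_fits_other_text": sig_verify(pk, never_sent, sig),
        # Bob holds the shared key, so his tag on a line Alice never wrote
        # verifies exactly like hers: the tag proves nothing to an outsider.
        "bob_made_mac_verifies": mac_verify(
            shared, never_sent, mac_tag(shared, never_sent)),
    }

if __name__ == "__main__":
    print(demo())
```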


