[OTR-users] multi-party OTR communications? (and other OTR details)

Brian Morrison bdm at fenrir.org.uk
Mon Sep 22 12:19:26 EDT 2008


Ian Goldberg wrote:
> On Mon, Sep 22, 2008 at 04:58:17PM +0100, Brian Morrison wrote:
>> Ian Goldberg wrote:
>>
>>> OTR offers the same level of deniability as plaintext.  But it also offers
>>> strong authentication *during* the conversation.  If you used
>>> pidgin-encryption, for example, every message is digitally signed, which
>>> would certainly give you *less* deniability than plaintext.
>> I would say it has much higher deniability than plaintext, in the sense
>> of "You said <thing>" whereas you can say "I said something, but you do
>> not know what it was". The really important aspect is the ephemeral
>> keys, so you can never recover the plaintext if neither party keeps
>> logs. In the UK, with legally enforceable GAP (or GAK under duress as
>> usually computers are seized) this is important as you can truthfully
>> claim that you do not have, and never had, access to the session key. So
>> intercepts don't work.
> 
> That's true.  Though I usually stick that under OTR's "confidentiality"
> umbrella, not "deniability".  Under "deniability", we include
> protections against situations where the person you're talking to is
> himself working against you.

Yes, although that really is the ultimate human problem, you need to be
sure of your co-conspirators....

-- 

Brian


