[OTR-users] A question regarding plausible deniability

Ian Goldberg ian at cypherpunks.ca
Tue Jul 3 11:35:31 EDT 2012


On Tue, Jul 03, 2012 at 09:34:03AM -0300, Ben wrote:
> I've been using libotr (more specifically, bitlbee-otr) and I believe I
> understand the question/answer idea.
> 
> My concern is, would it be possible for more than one answer to be allowed
> by the protocol so that if, for one reason or another your buddy is under
> coercion, they can give a secondary answer that will make it seem on his
> side that he gave the correct answer but the other side will know it?
> Should this be built into the protocol or each implementation (for example
> bitlbee-otr) could implement it in different ways?
> 
> I hope I've expressed myself clearly, English isn't my first language.

Duress answers are not supported by OTR at this time.  The underlying
protocol takes great pains to ensure that each run of the protocol can
only check one guess at the answer, so that an attacker is limited to
online guessing.  People's answers can have low entropy, so you want the
attacker's success rate to be as slow as possible.

There's also the issue that the coercer in your scenario would *know*
that OTR supports duress answers.  What will he do then?

   - Ian
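
Added example, not part of the message above and not libotr code: a simplified run of the Socialist Millionaires' Protocol that OTR uses for question/answer authentication, showing that one run compares exactly one committed answer, so testing a wordlist costs one full online run per guess. Assumptions: a toy 127-bit group, the hypothetical helper names below, and no zero-knowledge proofs (real OTR uses a 1536-bit group and proves each message well-formed).

```python
import hashlib
import secrets

# Toy parameters chosen for this sketch (assumption, far too small for real use).
P = 2**127 - 1          # Mersenne prime used as the modulus
G = 3                   # base element

def _secret(answer):
    """Map a typed answer to an exponent."""
    digest = hashlib.sha256(answer.encode()).digest()
    return int.from_bytes(digest, "big") % (P - 1)

def _rand():
    """Fresh random exponent for one protocol run."""
    return secrets.randbelow(P - 3) + 2

def _div(a, b):
    """a / b in the multiplicative group mod P (Fermat inverse)."""
    return a * pow(b, P - 2, P) % P

def smp_run(alice_answer, bob_answer):
    """One protocol run; returns True only if the two answers are equal."""
    x, y = _secret(alice_answer), _secret(bob_answer)
    # Diffie-Hellman style agreement on two generators unique to this run.
    a2, a3, b2, b3 = _rand(), _rand(), _rand(), _rand()
    g2 = pow(pow(G, a2, P), b2, P)
    g3 = pow(pow(G, a3, P), b3, P)
    # Each side commits to exactly one answer under those generators.
    r, s = _rand(), _rand()
    pb, qb = pow(g3, r, P), pow(G, r, P) * pow(g2, y, P) % P   # Bob -> Alice
    pa, qa = pow(g3, s, P), pow(G, s, P) * pow(g2, x, P) % P   # Alice -> Bob
    # Both exponentiate Qa/Qb; the answer term cancels only when x == y.
    ra = pow(_div(qa, qb), a3, P)      # Alice -> Bob
    rab = pow(ra, b3, P)               # Bob's local check value
    return rab == _div(pa, pb)

def runs_needed(real_answer, guesses):
    """Count protocol runs an impersonator needs to hit the real answer."""
    for n, guess in enumerate(guesses, start=1):
        if smp_run(guess, real_answer):   # one guess consumes one whole run
            return n
    return None                           # wordlist exhausted, nothing learned
```

A failed run reveals only "not equal", so the peer sees every wrong guess as a failed authentication attempt.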


