Marsh Ray wrote:
On 07/15/2011 11:21 PM, Ian Goldberg wrote:
Just to be clear: there are _no_ OTR-related mathematical points or
issues here. The logs were in plain text. OTR has nothing at all to do
with their deniability.
It's a good bet the entirety of the informant's PC was acquired for
computer forensic analysis, as well as every PC Manning is known to have
touched. There's a good chance some traffic data was retained from the
network where Manning allegedly did the chatting and data transfer.
Sure the logs we see are in plain text, but that's almost certainly not
all the data in play. Deniability may yet still depend on OTR and its
implementation.
Note that the logs indicate the parties were unauthenticated and the
connection was bouncing. Was this a man-in-the-middle interception? Does
the protocol and implementation issue a message to the user when an
"unauthenticated" identity changes its key?
- Marsh
I didn't look at the details of this incident/case beyond the discussion
on this list.
However, it appears that the two questions in the last paragraph below
are sufficiently doubt casting for challenging the electronic evidence
as a reliable account of a conversation using electronic means.
Thus, the OTR protocol (including detection of re-keying exchange) would
appear to have the indirect result of reporting tampering-in-the-loop.
Maybe not as a specific design goal, but as a consequence of
cryptographic processing which makes everything more error-prone.
Just my 0.02 cents.
- Thierry Moreau
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
