On March 28, 2007 03:07:45 am senecaso wrote: > Doesn't this imply that you could keep a log of your conversation and still > be able to decode it? They wouldnt be secure anymore, but it sounds like > OTR's focus is ensuring safe communication during not after. I could be > misunderstanding this though.
No, it's a one-way thing. The idea is, after the conversaion is over, someone else could make a conversation log that would have different contents being encrypted, but the message packets are the exact same. This makes deniability a part of the protocol - no one can say "Hey, I know you said <MESSAGE 1> because I have these <PACKETS> packets and I decrypted them with this <KEY 1> key and it says <MESSAGE 1>", because you can also create those <PACKETS> by encrypting <MESSAGE 2> with <KEY 2>, and the data over the wire is identical. So you have total deniability since no one can say for certain that you said what they say you said, even if they got ahold of the chat logs AND the key to decrypt them, it is not prveable that the resulting message is the actual message that was sent. -- http://www.brunescafe.com _______________________________________________ kopete-devel mailing list [email protected] https://mail.kde.org/mailman/listinfo/kopete-devel
