Hi, last night in a discussion (in meat space) the issue of plausible deniability came up again. As far as it stands, I guess most people are of the opinion that even if a protocol features the capability for plausible deniability, it probably won't hold up in court.
We've been thinking what could be done to "better" the chances that something like this might actually hold up. That one could believably argue that one for example has been framed through a doctored/manufactured transcript. One thought was, that it's too difficult to make anybody believe that somebody has actually tampered with a transcript. So, an idea came up that one actually might just need to provide a tool that's reasonably easy to use for an average Joe to read a recorded transcript, edit it, and save the modified version again. I could imagine this to work reasonably easy, if one can actually use an existing session transcript as a "seed", which includes the initial session key negotiation, and in the following only authenticates messages through session secrets, rather than using the long term static secrets (like private OTR key, or any other personal authentication mechanism). Any thoughts on this? I think this might in scope actually make a nice student project for some final year comp sci students. Guy
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
