Good point.
Note: You forgot to reply to list.
On 02/09/17 22:11, Lachlan Gunn wrote:
> Le 2017-09-03 à 11:48, Mario Castelán Castro a écrit :
>> I am well aware of that. Although deniable encryption is not a panacea
>> it is an improvement. It gives less power to the correspondent to blackmail.
On 01/09/17 08:31, Andrew Gallagher wrote:
> On 31/08/17 03:35, Mario Castelán Castro wrote:
>> Writer and recipient have a Diffie-Hellman key over the same group and
>> know each other's public key.
>>
>> The writer computers the shared secret per the DH algorithm
>
> This is the real trick
On 31/08/17 03:35, Mario Castelán Castro wrote:
> Writer and recipient have a Diffie-Hellman key over the same group and
> know each other's public key.
>
> The writer computers the shared secret per the DH algorithm
This is the real trick though - the DH algorithm requires two-way
Hello. Thanks for your reply. I am aware of the first method as well as
a variation of the second (it had not occurred to me that they both can
use the same key!; I had thought that each correspondent used one key of
his own with a meaningless ID and used only for communication with the
other
On 30/08/17 00:57, Stefan Claas wrote:
> If your communication partners would use the same software, like opmsg.
>
> https://github.com/stealth/opmsg
>
> Or if you would use Bitmessage instead of classic email, then
> you have authenticated/encrypted messages too and can later
> nuke your keys,
On 30/08/17 21:35, Mario Castelán Castro wrote:
> (2) can be signed
> without deniablity implications, but is not necessary.
Apologies. The authentication code should not be signed either to keep
full deniability.
--
Do not eat animals; respect them as you respect people.
On 30/08/17 12:39, Stefan Claas wrote:
> But then it would be imho advisable that you use a different timestamp (time
> in the future), because when verifying the published message the timestamp
> would be earlier than the time the sec key would have appeared on the net,
> right?
Either the
Am 30.08.2017 um 11:43 schrieb Peter Lebbing:
With a little scripting, you could create a new ECC keypair (fast!)
for each
message, sign the keypair with your normal key, sign the message with the ECC
keypair. And when you want to backpedal on a signed message, publish the private
ECC key and
On 30/08/17 11:34, Mario Figueiredo wrote:
> Examples are
> dictatorships, and many forms of human relationships, including job
> relations.
I don't think a repudiable message lets you off the hook in those examples
either, least of all the dictatorship...!
> If one wants to use deniability with
On Tue, 29 Aug 2017 14:33:46 -0400
"Robert J. Hansen" wrote:
> You can prove origination *only if* you can prove the originating PC
> was not compromised. Given how common compromise is today -- a few
> years ago Vint Cerf estimated one in four desktop PCs was compromised
On Tue, 29 Aug 2017 13:21:58 -0500, Mario Castelán Castro wrote:
> Is there any existing, convenient way to do deniable authentication
> for e-mail?
If your communication partners would use the same software, like opmsg.
https://github.com/stealth/opmsg
Or if you would use Bitmessage instead
On 8/29/2017 at 2:26 PM, "Mario Castelán Castro" wrote:Is there any
existing, convenient way to do deniable authentication for
e-mail?
=
There are workarounds to accomplish this:
[1] Sender 1 sends a signed and encrypted pgp e-mail to Receiver 1,
giving Receiver 1 a 'passphrase' which
> We have OpenPGP/MIME to sign and encrypt e-mail, thus securing the
> communication. It is my understanding that the other party can
> publish the signature and the unencrypted message and thus prove
> that somebody in the possession of the private key wrote (or at
> least signed) the message.
13 matches
Mail list logo