Deniability

Jerome Baum jerome at jeromebaum.com
Mon Mar 21 15:58:02 CET 2011


"Robert J. Hansen" <rjh at sixdemonbag.org> writes:

> OpenPGP is not meant to provide deniable communications.  It is
> concerned primarily with message confidentiality (encryption) and
> message integrity (signing).  Just like blenders blend, PFDs float, and
> it's unwise to try and make one do the other's job, I think it's unwise
> to crowbar OpenPGP into being a deniable protocol.

Deniability is  "nice", but more  generally confusing Mallory is  a Good
Thing(tm) as she'll have more work to do. Providing deniability seems to
imply more work  on the part of  Mallory. Say the point is  not to prove
"Alice sent  Bob a  message", but  instead Mallory wants  to get  at the
plain-text. If she  can't know for sure that Clyde can  decrypt it -- or
any specific person -- then she'll have to steal several keys before she
finds the right one.

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 880 bytes
Desc: not available
URL: </pipermail/attachments/20110321/35d56530/attachment.pgp>


More information about the Gnupg-users mailing list