> Message: 4
> Date: Thu, 22 Jul 2010 21:19:50 +0100
> From: Andre Amorim <an...@amorim.me>
> To: GnuPG Users <gnupg-users@gnupg.org>
>
> Do we have a "plausibly deniable" option ?

GnuPG can be used for plausible deniability both for encrypting and for signing:

[1] hiding the identity of the encryption:

The 'throw-keyids' option hides which keys the message is encrypted to (beware of this option, as it is useful only under very limited circumstances, i.e. posting anonymously in a newsgroup like alt.test, and where your threat model doesn't include government agencies or organized crime, so you can communicate by encryption but without using e-mail).

The reason to *not* use this option is that it can be used by the government to get access to all your keys and passwords! The government can claim that, in order to prove that you did not encrypt this, it must try all the keys in your possession, and in order to make sure that you didn't intentionally enter the 'wrong' password, it needs to enter the correct one. (The prosecutor may graciously allow you to change your passwords to temporary ones for this purpose, but if they can copy the key, then it won't really help you ;-) ).

In fact, if one wanted to think 'really paranoid', then in a country where there is a law where people must surrender an encryption key upon demand to decrypt a message, what prevents an intelligence agency from 'planting' a throw-keyid encrypted message on your computer by simply e-mailing it to you from an anonymous e-mail account? The message can be done with keys that only the intelligence agency has, and since you really didn't encrypt the message, you can't give up the session key, and now the government wants *all* your keys and passwords to prove you didn't encrypt the message.

(Actually, you might try a defense that forcing you to try to decrypt a throw-keyid message using all the keys in your possession is already a violation of 'cruel and unusual punishment' ;-) )

[2] hiding the identity of the signer:

(a) generate a new keypair and give it to a person you want to have 'plausible deniability' with
(b) a signed message shown to anyone else only means that 'one' of you signed it. Both of you know which one 'really' signed it, but neither can prove it.

vedaal

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
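What 'throw-keyids' does on the wire can be checked directly: as an added example (not part of the post above and not GnuPG's own code), a small Python parser walks the OpenPGP packets of a message and reports the recipient key ID in each Public-Key Encrypted Session Key packet. With --throw-keyids GnuPG writes the all-zero "wildcard" key ID that RFC 4880 section 5.1 permits, so a recipient or an analyst can tell whether a message hides its recipients before deciding to try every secret key. The two sample messages and the key ID in them are constructed inline for the demonstration.

```python
PKESK_TAG = 1  # Public-Key Encrypted Session Key packet, RFC 4880 section 5.1

def iter_packets(data: bytes):
    """Yield (tag, body) for each packet; handles old and new header formats, no partial-body lengths."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:  # new-format header: tag in the low six bits
            tag, first = ctb & 0x3F, data[pos + 1]
            if first < 192:
                length, hdr = first, 2
            elif first < 224:
                length, hdr = ((first - 192) << 8) + data[pos + 2] + 192, 3
            elif first == 255:
                length, hdr = int.from_bytes(data[pos + 2:pos + 6], "big"), 6
            else:
                raise ValueError("partial body lengths not supported")
        else:  # old-format header: tag in bits 2-5, length type in the low two bits
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            hdr = 1 + (1 << ltype)
            length = int.from_bytes(data[pos + 1:pos + hdr], "big")
        yield tag, data[pos + hdr:pos + hdr + length]
        pos += hdr + length

def recipients(data: bytes):
    """Return [(key_id_hex, hidden)] per PKESK; an all-zero key ID is the wildcard --throw-keyids writes."""
    out = []
    for tag, body in iter_packets(data):
        if tag == PKESK_TAG and body[0] == 3:  # v3 PKESK: version, 8-octet key ID, algorithm, MPIs
            key_id = body[1:9]
            out.append((key_id.hex().upper(), key_id == bytes(8)))
    return out

def pkesk(key_id: bytes) -> bytes:
    """Constructed minimal v3 PKESK (old-format header, dummy RSA MPI) for the samples; not a real ciphertext."""
    body = b"\x03" + key_id + b"\x01" + b"\x00\x08\xab"
    return bytes([0x84, len(body)]) + body

SEIPD = bytes([0xD2, 0x03, 0x01, 0xAA, 0xBB])  # constructed stand-in for the encrypted-data packet (tag 18)
NORMAL_MSG = pkesk(bytes.fromhex("0123456789ABCDEF")) + SEIPD  # constructed, non-real key ID
THROWN_MSG = pkesk(bytes(8)) + SEIPD  # what --throw-keyids produces: the key ID field zeroed

if __name__ == "__main__":
    for name, msg in (("normal", NORMAL_MSG), ("throw-keyids", THROWN_MSG)):
        print(name, recipients(msg))
```

A message whose every PKESK reports hidden=True is exactly the kind that forces a trial of all secret keys, which is the practical cost the post warns about.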