Re: E-mail with deniable authentication

2017-09-05 Thread Mario Castelán Castro
Good point. Note: You forgot to reply to list.

On 02/09/17 22:11, Lachlan Gunn wrote:
> On 2017-09-03 at 11:48, Mario Castelán Castro wrote:
>> I am well aware of that. Although deniable encryption is not a panacea
>> it is an improvement. It gives less power to the correspondent to blackmail.

Re: E-mail with deniable authentication

2017-09-02 Thread Mario Castelán Castro
On 01/09/17 08:31, Andrew Gallagher wrote:
> On 31/08/17 03:35, Mario Castelán Castro wrote:
>> Writer and recipient have a Diffie-Hellman key over the same group and
>> know each other's public key.
>>
>> The writer computes the shared secret per the DH algorithm
>
> This is the real trick thoug

Re: E-mail with deniable authentication

2017-09-01 Thread Andrew Gallagher
On 31/08/17 03:35, Mario Castelán Castro wrote:
> Writer and recipient have a Diffie-Hellman key over the same group and
> know each other's public key.
>
> The writer computes the shared secret per the DH algorithm

This is the real trick though - the DH algorithm requires two-way synchronisatio

Re: E-mail with deniable authentication

2017-08-30 Thread Mario Castelán Castro
Hello. Thanks for your reply. I am aware of the first method as well as a variation of the second (it had not occurred to me that they both can use the same key!; I had thought that each correspondent used one key of his own with a meaningless ID and used only for communication with the other corre

Re: E-mail with deniable authentication

2017-08-30 Thread Mario Castelán Castro
On 30/08/17 00:57, Stefan Claas wrote:
> If your communication partners would use the same software, like opmsg.
>
> https://github.com/stealth/opmsg
>
> Or if you would use Bitmessage instead of classic email, then
> you have authenticated/encrypted messages too and can later
> nuke your keys, i

Re: E-mail with deniable authentication

2017-08-30 Thread Mario Castelán Castro
On 30/08/17 21:35, Mario Castelán Castro wrote:
> (2) can be signed
> without deniability implications, but is not necessary.

Apologies. The authentication code should not be signed either to keep full deniability.

--
Do not eat animals; respect them as you respect people. https://duckduckgo.com/?

Re: E-mail with deniable authentication

2017-08-30 Thread Peter Lebbing
On 30/08/17 12:39, Stefan Claas wrote:
> But then it would be imho advisable that you use a different timestamp (time
> in the future), because when verifying the published message the timestamp
> would be earlier than the time the sec key would have appeared on the net,
> right?

Either the timest

Re: E-mail with deniable authentication

2017-08-30 Thread Stefan Claas
On 30.08.2017 at 11:43, Peter Lebbing wrote:
With a little scripting, you could create a new ECC keypair (fast!) for each message, sign the keypair with your normal key, sign the message with the ECC keypair. And when you want to backpedal on a signed message, publish the private ECC key and s

Re: E-mail with deniable authentication

2017-08-30 Thread Peter Lebbing
On 30/08/17 11:34, Mario Figueiredo wrote:
> Examples are
> dictatorships, and many forms of human relationships, including job
> relations.

I don't think a repudiable message lets you off the hook in those examples either, least of all the dictatorship...!

> If one wants to use deniability with

Re: E-mail with deniable authentication

2017-08-30 Thread Mario Figueiredo
On Tue, 29 Aug 2017 14:33:46 -0400 "Robert J. Hansen" wrote:
> You can prove origination *only if* you can prove the originating PC
> was not compromised. Given how common compromise is today -- a few
> years ago Vint Cerf estimated one in four desktop PCs was compromised
> -- this is a very hig

Re: E-mail with deniable authentication

2017-08-29 Thread Stefan Claas
On Tue, 29 Aug 2017 13:21:58 -0500, Mario Castelán Castro wrote:
> Is there any existing, convenient way to do deniable authentication
> for e-mail?

If your communication partners would use the same software, like opmsg.

https://github.com/stealth/opmsg

Or if you would use Bitmessage instead of

Re: E-mail with deniable authentication

2017-08-29 Thread vedaal
On 8/29/2017 at 2:26 PM, "Mario Castelán Castro" wrote:
Is there any existing, convenient way to do deniable authentication for e-mail?

=

There are workarounds to accomplish this:

[1] Sender 1 sends a signed and encrypted pgp e-mail to Receiver 1, giving Receiver 1 a 'passphrase' which they

Re: E-mail with deniable authentication

2017-08-29 Thread Mario Castelán Castro
On 29/08/17 13:33, Robert J. Hansen wrote:
> This is not true except in a theoretical mathematical sense.
>
> For instance, several people in the community (I know I have, and I
> recall Werner saying he has as well) have seen PGP-signed spam mails that
> are the result of a home user using Symantec's

E-mail with deniable authentication

2017-08-29 Thread Mario Castelán Castro
Hello. We have OpenPGP/MIME to sign and encrypt e-mail, thus securing the communication. It is my understanding that the other party can publish the signature and the unencrypted message and thus prove that somebody in the possession of the private key wrote (or at least signed) the message. One

Re: E-mail with deniable authentication

2017-08-29 Thread Robert J. Hansen
> We have OpenPGP/MIME to sign and encrypt e-mail, thus securing the
> communication. It is my understanding that the other party can
> publish the signature and the unencrypted message and thus prove
> that somebody in the possession of the private key wrote (or at
> least signed) the message.