[pkg-otr-team] Bug#766936: Bug#766936: Bug#766936: [libotr5] Extended description: "Deniability" is not a feature per se

Ximin Luo infinity0 at pwned.gg
Tue Oct 28 01:11:27 UTC 2014


On 27/10/14 03:08, Harlan Lieberman-Berg wrote:
> On Sun, 2014-10-26 at 21:22 -0400, Filipus Klutiero wrote:
>> Rather than advertising 2 independant items, these could be merged in a
>> "Deniable authentication" item which would contain both sublists.
> 
> One reason why I think "deniability" is important as a separate feature
> is that it is differentiating in the face of other, similar kinds of
> programs.  Most encryption systems are not deniable; in fact, many
> systems are not deniable /by design/.  This message, for example, is PGP
> signed and is not deniable at all.  Anyone who gets a copy of the
> message can verify that I, or someone with control over my private key,
> composed and sent this message.  The Pidgin-Encryption plugin similarly
> doesn't have deniability built into its threat model at all.
> 
> In that context, I think it might be deserving of being listed as its
> own feature.
> 

Both of you are right in some degree. Deniability is indeed a secondary property of the underlying authentication system (note: *not* encryption system as Harlan said). It makes no sense without authentication. However, I'm neutral as to merging the two points.

A related point is that "forward secrecy" is a secondary property of the underlying encryption system. It makes no sense without encryption (i.e. confidentiality).

Personally, I like to introduce these concepts as "forward-secure confidentiality" and "deniable authentication".

X

-- 
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-otr-team/attachments/20141028/bd0ef60f/attachment.sig>


More information about the Pkg-otr-team mailing list