From smb@cs.columbia.edu Fri Jul 6 02:39:12 2018 From: Steven Bellovin To: cypherpunks-legacy@lists.cpunks.org Subject: Re: [cryptography] OTR and deniability Date: Fri, 06 Jul 2018 02:39:12 +0000 Message-ID: <172289084006.3849117.8365169648894067204.generated@mail.pglaf.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1604514579915415418==" --===============1604514579915415418== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable The two Ian G's have it correct: while OTR provides (some level of) lack of e= vidence within the system, it says nothing about external evidence like netfl= ow records, which machine the logs were taken from, etc. To pick one bad exa= mple -- bad because I don't know if it fits the facts of this case -- if one = party to a purported conversation turned over a log file, and forensic examin= ation of the second party's computer showed the same log, I suspect that most= people would believe that those two parties had that conversation. Of cours= e, the authenticity of the log files could be challenged -- did the first par= ty hack into the second party's computer and plant the log file? had someone= else hacked into it and used it to talk with the first party? -- but that's = also outside the crypto protocol. Put another way, the goal in a trial is not a mathematical proof, it's proof = to a certain standard of evidence, based on many different pieces of data. L= ife isn't a cryptographic protocol. --Steve Bellovin, https://www.cs.columbia.edu/~smb _______________________________________________ cryptography mailing list cryptography(a)randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- --=20 Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --===============1604514579915415418==--