[cryptography] OTR and deniability
Ai Weiwei
freeaiweiwei at yahoo.ca
Wed Jul 13 19:37:37 PDT 2011
Hello list,
Recently, Wired published material on their website which are claimed to be logs of instant message conversations between Bradley Manning and Adrian Lamo in that infamous case. [1] I have only casually skimmed them, but did notice the following two lines:
(12:24:15 PM) bradass87 has not been authenticated yet. You should authenticate this buddy.
(12:24:15 PM) Unverified conversation with bradass87 started.
I'm sure most of you will be familiar; this is evidence that a technology known as Off-the-Record Messaging (OTR) [2] was used in the course of these alleged conversations.
I apologize if this is off topic or seems trivial, but I think a public discussion of the merits (or lack thereof) of these alleged "logs" from a technical perspective would be interesting. The exact implications of the technology may not be very well known beyond this list. I have carbon copied this message to the defense in the case accordingly.
If I understand correctly, OTR provides deniability, which means that these alleged "logs" cannot be proven authentic. In fact, the OTR software is distributed with program code which makes falsifying such "logs" trivial. Is this correct?
On a related note, a strange message to Hacker News at about that time [3] seems to now have found a context. Not to mention talk of "compromised" PGP keys: the prosecution witness created a new key pair June 2, 2010 (after 6 months with no keys for that email address -- why precisely then?), and replaced these a day less than one month later -- citing "previous key physically compromised." [4] Note the arrest in the case occurred in between these two events, with encrypted emails purportedly having been received in the meantime: [5]
"Lamo told me that Manning first emailed him on May 20 ..."
What do you think? First the prosecution witness turns out less than credible, [6] now the key piece of evidence is mathematically provably useless...
[1] http://www.wired.com/threatlevel/2011/07/manning-lamo-logs/
[2] http://www.cypherpunks.ca/otr/
[3] http://news.ycombinator.com/item?id=1410158
[4] http://pgp.mit.edu:11371/pks/lookup?search=adrian+lamo&op=vindex&fingerprint=on
[5] http://www.salon.com/news/opinion/glenn_greenwald/2010/06/18/wikileaks
[6] http://www.google.com/search?q=lamo+drugs
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list