[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Plausible deniability (a feature to think about)
On Wednesday 21 September 2005 11:29 pm, Daniel A. Nagy wrote:
> I just got a message from a human rights activist, who pointed out a
> shortcoming of PGP for -- for the lack of a better word -- paranoid
> Imagine, that a conspiracy expects to be infiltrated. They send encrypted
> messages back and forth but they have a dilemma: to sign or not to sign? If
> they do sign, the infiltrator will have damning evidence on his hands and
> the bad guys will be able to crack down on the conspirators. If they don't
> sign, the infiltrator will be able to forge messages and thus seriously
> interfere with the activities of the group (e.g. call off action in the
> name of the ringleader, etc.).
>The sender can plausibly deny authorship, claiming that the receiver has
>forged it using his private key and the sender's public key.
Interesting thought experiement.
I led the development team of the solution used by the CryptoRights Foundation
our solution consisted of management tools, user interfaces, translations, and
other niceties around a gnupg based engine.
We were most concerned with chain of evidence and verifiability, not plausible
deniability. In the real world, most human rights organizations already have
extensive methods of verifying information that is provided to them, and
informers have elaborate methods of communicating that information, that only
rarely involves electronic communication, encrypted or otherwise, becasue of
the danger of interception. In a country (like China) where much/most
private use of encryption is disallowed anyway, sending *any* encrypted
message is a risk that most human rights workers and informers will not take.
I don't think that OpenPGP needs a new shared-secret method of communication,
or that the spec needs another wrinkle for implementors to chew on.