[cryptography] OTR and deniability
freeaiweiwei at yahoo.ca
Wed Jul 13 22:37:37 EDT 2011
Recently, Wired published material on their website which are claimed to be logs of instant message conversations between Bradley Manning and Adrian Lamo in that infamous case.  I have only casually skimmed them, but did notice the following two lines:
(12:24:15 PM) bradass87 has not been authenticated yet. You should authenticate this buddy.
(12:24:15 PM) Unverified conversation with bradass87 started.
I'm sure most of you will be familiar; this is evidence that a technology known as Off-the-Record Messaging (OTR)  was used in the course of these alleged conversations.
I apologize if this is off topic or seems trivial, but I think a public discussion of the merits (or lack thereof) of these alleged "logs" from a technical perspective would be interesting. The exact implications of the technology may not be very well known beyond this list. I have carbon copied this message to the defense in the case accordingly.
If I understand correctly, OTR provides deniability, which means that these alleged "logs" cannot be proven authentic. In fact, the OTR software is distributed with program code which makes falsifying such "logs" trivial. Is this correct?
On a related note, a strange message to Hacker News at about that time  seems to now have found a context. Not to mention talk of "compromised" PGP keys: the prosecution witness created a new key pair June 2, 2010 (after 6 months with no keys for that email address -- why precisely then?), and replaced these a day less than one month later -- citing "previous key physically compromised."  Note the arrest in the case occurred in between these two events, with encrypted emails purportedly having been received in the meantime: 
"Lamo told me that Manning first emailed him on May 20 ..."
What do you think? First the prosecution witness turns out less than credible,  now the key piece of evidence is mathematically provably useless...
More information about the cryptography