[cryptography] OTR and deniability

Ian Goldberg iang at cs.uwaterloo.ca
Sat Jul 16 00:21:45 EDT 2011


On Fri, Jul 15, 2011 at 10:52:39PM +0200, Meredith L. Patterson wrote:
> On Fri, Jul 15, 2011 at 6:45 PM, Marsh Ray <marsh at extendedsubset.com> wrote:
> 
> > On 07/14/2011 01:59 PM, Steven Bellovin wrote:
> >
> >> Put another way, the goal in a trial is not a mathematical proof,
> >> it's proof to a certain standard of evidence, based on many different
> >> pieces of data.  Life isn't a cryptographic protocol.
> >>
> >
> > The interesting thing in this case though is that the person providing the
> > plaintext log file is:
> >
> > a) a convicted felon
> > b) working for the investigators/prosecutors (since before the purported
> > log file's creation?)
> > c) himself skilled in hacking
> >
> 
> Those bullet points are far more likely to be brought up at trial than any
> of the security properties of OTR. Defense counsel has to weigh the benefits
> of presenting evidence -- will it get some point across, or will it be lost
> on the judge/jury?
> 

Just to be clear: there are _no_ OTR-related mathematical points or
issues here.  The logs were in plain text.  OTR has nothing at all to do
with their deniability.

   - Ian



More information about the cryptography mailing list