[cryptography] OTR and Log Files

Jeffrey Walton noloader at gmail.com
Tue Jul 19 17:50:31 EDT 2011

Hey Guys -

Watching the other OTR thread, what destroyed OTR's deniability
property for Manning? If Manning's machine was logging (does anyone
even know?), I would expect the logs to be the culprit. But if only
Lamo's machine had logs, would the property still hold (as Marsh said,
there are a number of compelling reasons not to find Lamo credible).
In any case, it seems to me that "Perfect Forward Secrecy" [1] no
longer holds, and Manning's conundrum is a proof by counter example:
  * Shortly after Bob receives the message [from Alice], it becomes
unreadable to anyone, anywhere

Should OTR - combined with logging - be considered a bad or flawed
implementation? (According to [1], there's thousands of users of the
protocol, all of whom could be logging).


[1] http://www.cacr.math.uwaterloo.ca/conferences/2006/psw/Goldberg.pdf

More information about the cryptography mailing list