Robert J. Hansen rjh at
Tue Mar 22 03:08:29 CET 2011

On 3/21/2011 10:58 AM, Jerome Baum wrote:
> Deniability is "nice", but more generally confusing Mallory is a Good
> Thing(tm) as she'll have more work to do. Providing deniability seems to
> imply more work on the part of Mallory. Say the point is not to prove
> "Alice sent Bob a message", but instead Mallory wants to get at the
> plain-text. If she can't know for sure that Clyde can decrypt it -- or
> any specific person -- then she'll have to steal several keys before she
> finds the right one.

Or she'll just have to kidnap Alice or Bob and beat them senseless with
a lead pipe until they confess.  Deniability is not as useful of a tool
as it is often made out to be.

There is also a flip side: deniable communications put parties in
increased jeopardy.  Imagine Mallory kidnaps Charlene, who is
uninvolved, because she thinks Charlene is involved.  (This sort of
thing happens quite a lot in the real world: for instance, in the '70s
the Israeli Mossad murdered an innocent Norwegian waiter because they
mistakenly identified him as a terrorist.)

Charlene declares her innocence.  Mallory beats her senseless with a
lead pipe.  "I know you're using a deniable system!  Stop denying things
and tell me the truth!"  Charlene tries to prove she didn't receive the
message -- but she can't, because it's a deniable system.  Mallory keeps
on beating her senseless with a lead pipe.  Sooner or later, Charlene
confesses to anything Mallory suggests, just to make the torture stop.

Deniable communications are neat, but there are two huge eight hundred
pound gorillas lurking in the room:

        1.  Deniability doesn't work well against sadists with
            lead pipes.
        2.  Deniability means you can't give the sadists a reason
            to stop.

If this is a thought experiment in how to crowbar deniability into
OpenPGP, I wish you luck.  :)  If you're looking at actually using a
deniable OpenPGP, or recommending others use one, I hope you'll give
serious thought to these two things.

More information about the Gnupg-users mailing list