E-mail with deniable authentication

Mario Castelán Castro marioxcc.MT at yandex.com
Tue Aug 29 20:21:58 CEST 2017


Hello.

We have OpenPGP/MIME to sign and encrypt e-mail, thus securing the
communication. It is my understanding that the other party can publish
the signature and the unencrypted message and thus prove that somebody
in the possession of the private key wrote (or at least signed) the message.

One way to do deniable authentication is to take a shared secret.and use
that as the key to a MAC function. However, this does not seem to be
implemented in OpenPGP, although it could be done as an additional layer.

Is there any existing, convenient way to do deniable authentication for
e-mail?

Thanks.

-- 
Do not eat animals, respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170829/e5ff14f5/attachment.sig>


More information about the Gnupg-users mailing list