E-mail with deniable authentication

vedaal at nym.hush.com
Tue Aug 29 22:00:51 CEST 2017


On 8/29/2017 at 2:26 PM, "Mario Castelán Castro" wrote:

Is there any existing, convenient way to do deniable authentication for
e-mail?
=====

There are workarounds to accomplish this:

[1] Sender 1 sends a signed and encrypted PGP e-mail to Receiver 1,
giving Receiver 1 a 'passphrase' which they will agree to use for the
next encrypted messages.

[2] Sender 1 and Receiver 1 now send conventionally encrypted messages
with this passphrase, but without signatures.

[3] They both know that only the person who knows the passphrase could
have sent it.

[4] If they want deniability, they can say that the passphrase 'leaked
out' and anybody who it leaked to could have sent it.

Alternatively, one can generate a keypair with a random name, and send it
to the other one, and they can both sign with it, but encrypt to their own
non-shared keys.

Again, this signing key can be 'leaked' to the public for deniability,
if necessary.

There are probably other similar variations of this approach.

vedaal
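
The property that steps [1] to [4] rely on, as an added example that is not part of the original post: it models the shared passphrase with PBKDF2 and HMAC from the Python standard library as a stand-in for GnuPG's conventional encryption. The function names, passphrase, salt and message texts are constructed for illustration.

```python
import hashlib
import hmac

def derive_key(passphrase: str, salt: bytes) -> bytes:
    # Stretch the shared passphrase into a MAC key (iteration count is illustrative).
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)

def make_tag(key: bytes, sender: str, body: str) -> str:
    # Length-prefix each field so ("ab", "c") and ("a", "bc") give different tags.
    fields = (sender.encode(), body.encode())
    data = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify(key: bytes, sender: str, body: str, tag: str) -> bool:
    return hmac.compare_digest(make_tag(key, sender, body), tag)

def demo() -> dict:
    salt = b"constructed-salt"                      # constructed sample values
    shared = "passphrase sent in the signed mail"   # step [1]
    sender_key = derive_key(shared, salt)
    receiver_key = derive_key(shared, salt)
    outsider_key = derive_key("a wrong guess", salt)

    # Step [2]: an unsigned message authenticated only by the shared secret.
    genuine = ("Sender 1", "Meet at noon.")
    genuine_tag = make_tag(sender_key, *genuine)

    # Receiver 1 holds the same key, so can produce a tag for text Sender 1 never wrote.
    fabricated = ("Sender 1", "Text Sender 1 never wrote.")
    fabricated_tag = make_tag(receiver_key, *fabricated)

    return {
        # Step [3]: the receiver is convinced; outsiders and tampering are rejected.
        "receiver_accepts_genuine": verify(receiver_key, *genuine, genuine_tag),
        "outsider_tag_accepted": verify(receiver_key, *genuine, make_tag(outsider_key, *genuine)),
        "tampered_body_accepted": verify(receiver_key, "Sender 1", "Meet at one.", genuine_tag),
        # Step [4]: a third party cannot tell whose tag this is; both verify identically.
        "fabricated_verifies": verify(sender_key, *fabricated, fabricated_tag),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A valid tag shows a third party only that someone holding the passphrase produced the message, which is the difference from a signature made with a key that one person alone controls.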