E-mail with deniable authentication
vedaal at nym.hush.com
Tue Aug 29 22:00:51 CEST 2017
On 8/29/2017 at 2:26 PM, "Mario Castelán Castro" wrote:
Is there any existing, convenient way to do deniable authentication for
e-mail?
=====
There are workarounds to accomplish this:
[1] Sender 1 sends a signed and encrypted pgp e-mail to Receiver 1,
giving Receiver 1 a 'passphrase' which they will agree to use for the
next encrypted messages.
[2] Sender 1 and Receiver 1 now send conventionally encrypted messages
with this passphrase, but without signatures.
[3] They both know that only the person who knows the passphrase could
have sent it.
[4] If they want deniability, they can say that the passphrase 'leaked
out' and anybody who it leaked to could have sent it.
Alternatively,
One can generate a keypair with a random name, and send it to the
other one, and they can both sign with it, but encrypt to their own
non-shared keys.
Again, this signing key can be 'leaked' to the public for deniability,
if necessary.
There are probably other similar variations of this approach.
vedaal
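
An added illustration (not part of the original message, and not GnuPG code) of why the shared-passphrase scheme in steps [1] to [4] convinces the receiver yet proves nothing to a third party. It substitutes an HMAC keyed from the passphrase for OpenPGP conventional encryption; the names, passphrase and salt are constructed.

```python
import hashlib
import hmac

SALT = bytes(16)                       # constructed; fixed so the run is repeatable
PASSPHRASE = "constructed passphrase"  # stands in for the one agreed in step [1]

def derive_key(passphrase: str, salt: bytes = SALT) -> bytes:
    """Stretch the agreed passphrase into a MAC key."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def _tag(key: bytes, sender: str, body: str) -> str:
    # Length-prefix the sender so distinct (sender, body) pairs cannot collide.
    data = len(sender.encode()).to_bytes(4, "big") + sender.encode() + body.encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def seal(key: bytes, sender: str, body: str) -> dict:
    """Step [2]: authenticate with the shared key only, no signature."""
    return {"from": sender, "body": body, "tag": _tag(key, sender, body)}

def verify(key: bytes, msg: dict) -> bool:
    return hmac.compare_digest(_tag(key, msg["from"], msg["body"]), msg["tag"])

def demo() -> dict:
    sender_key = derive_key(PASSPHRASE)
    receiver_key = derive_key(PASSPHRASE)   # same passphrase, same key
    genuine = seal(sender_key, "sender1", "Meet at noon.")
    outsider = seal(derive_key("wrong guess"), "sender1", "Meet at noon.")
    # Step [4]: the receiver (or anyone the passphrase leaked to) can
    # build the very same transcript, or one with any other body.
    rebuilt = seal(receiver_key, "sender1", "Meet at noon.")
    invented = seal(receiver_key, "sender1", "Text the sender never wrote.")
    return {
        "receiver_accepts_genuine": verify(receiver_key, genuine),   # step [3]
        "outsider_rejected": not verify(receiver_key, outsider),
        "rebuilt_identical": rebuilt == genuine,
        "invented_verifies": verify(receiver_key, invented),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because the receiver's rebuilt transcript is byte-for-byte identical to the genuine one, the tag identifies only "someone who holds the passphrase", not which holder.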