E-mail with deniable authentication

Peter Lebbing peter at digitalbrains.com
Wed Aug 30 12:46:24 CEST 2017


On 30/08/17 12:39, Stefan Claas wrote:
> But then it would be imho advisable that you use a different timestamp (time
> in the future), because when verifying the published message the timestamp
> would be earlier than the time the sec key would have appeared on the net,
> right?

Either the timestamp can be faked and the repudiated document can have any
timestamp without any proof whatsoever. Both you and the supposed faker could
fake the timestamp.

Or there is a trusted timestamping service which can dependably assert the
minimum age of the document, and you have an extra hurdle to take.

You faking the timestamp has the problem that the signature is odd or doesn't
verify even during the period of time when you wish to have it validly signed.
If you never intended to convey it was true in some sense, you wouldn't sign it
at all. The purpose of a repudiable signature is to first assert validity and
only later deny it, as I understand. It is not something I know a lot about, though.

If there is a timestamping service, you need to make it credible that you had
already published the key by then. It seems credible enough by default. You
could do this from time to time (create ECC keypair, sign it with your key,
immediately publish the keypair), so it wouldn't seem out of character.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
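The scheme discussed above (sign with an ephemeral key that your long-term key has certified, then publish the ephemeral private key so the signature stops proving who made it) and the two timestamp cases Peter lays out, as an added worked example in Go using only the standard library's crypto/ed25519. This is not code from the thread or from GnuPG; the certificate format, the "NotBefore" field, the simulated timestamping authority (TSA) and all times and messages are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Certificate: the long-term identity key vouches for an ephemeral signing key.
// NotBefore is only the signer's own claim about when the key came into use;
// anyone holding the key can write any value there, so it is not evidence.
type Certificate struct {
	EphemeralPub ed25519.PublicKey
	NotBefore    uint64 // unix seconds, self-asserted (constructed field)
	Sig          []byte // identity signature over certBytes
}

func certBytes(pub ed25519.PublicKey, notBefore uint64) []byte {
	var t [8]byte
	binary.BigEndian.PutUint64(t[:], notBefore)
	return append(append([]byte("eph-cert:"), pub...), t[:]...)
}

func Certify(identity ed25519.PrivateKey, ephPub ed25519.PublicKey, notBefore uint64) Certificate {
	return Certificate{ephPub, notBefore, ed25519.Sign(identity, certBytes(ephPub, notBefore))}
}

// DeniableSig: a message signature under the ephemeral key plus its certificate.
type DeniableSig struct {
	Cert Certificate
	Sig  []byte
}

func SignDeniably(eph ed25519.PrivateKey, cert Certificate, msg []byte) DeniableSig {
	return DeniableSig{cert, ed25519.Sign(eph, msg)}
}

// Verify checks identity -> certificate -> ephemeral key -> message. It cannot
// tell who held the ephemeral private key at the moment Sig was produced.
func Verify(identityPub ed25519.PublicKey, msg []byte, ds DeniableSig) bool {
	c := ds.Cert
	return ed25519.Verify(identityPub, certBytes(c.EphemeralPub, c.NotBefore), c.Sig) &&
		ed25519.Verify(c.EphemeralPub, msg, ds.Sig)
}

// TSAToken: a trusted timestamping service asserts a digest existed at Time.
type TSAToken struct {
	Digest [32]byte
	Time   uint64
	Sig    []byte
}

func tsaBytes(d [32]byte, t uint64) []byte {
	var b [8]byte
	binary.BigEndian.PutUint64(b[:], t)
	return append(append([]byte("tsa:"), d[:]...), b[:]...)
}

func TSAStamp(tsa ed25519.PrivateKey, doc []byte, now uint64) TSAToken {
	d := sha256.Sum256(doc)
	return TSAToken{d, now, ed25519.Sign(tsa, tsaBytes(d, now))}
}

func VerifyTSA(tsaPub ed25519.PublicKey, doc []byte, tok TSAToken) bool {
	return sha256.Sum256(doc) == tok.Digest &&
		ed25519.Verify(tsaPub, tsaBytes(tok.Digest, tok.Time), tok.Sig)
}

// Repudiable: can the signer plausibly deny the signature, given when the
// ephemeral private key became public? Without a valid TSA token nothing fixes
// the signature in time, so denial is always plausible. With one, denial only
// holds if the key was already public when the TSA saw the document.
func Repudiable(tsaPub ed25519.PublicKey, doc []byte, tok *TSAToken, keyPublishedAt uint64) bool {
	if tok == nil || !VerifyTSA(tsaPub, doc, *tok) {
		return true
	}
	return keyPublishedAt <= tok.Time
}

// Outcome collects the scenario's results so they can be checked by name.
type Outcome struct {
	SignerVerifies, ForgerVerifies                        bool
	DeniableWithoutTSA, DeniableLateKey, DeniableEarlyKey bool
}

func Scenario() Outcome {
	idPub, idPriv, _ := ed25519.GenerateKey(rand.Reader)
	ephPub, ephPriv, _ := ed25519.GenerateKey(rand.Reader)
	tsaPub, tsaPriv, _ := ed25519.GenerateKey(rand.Reader)

	const t0, tStamp, tPublish = 1000, 2000, 3000 // constructed times (unix seconds)
	cert := Certify(idPriv, ephPub, t0)
	msg := []byte("I agree to the terms.") // constructed sample message
	ds := SignDeniably(ephPriv, cert, msg)

	// The ephemeral private key is published; a third party signs with it too.
	forgedMsg := []byte("I never agreed to anything.")
	forged := SignDeniably(ephPriv, cert, forgedMsg)

	doc := append(append([]byte{}, msg...), ds.Sig...) // what gets timestamped
	tok := TSAStamp(tsaPriv, doc, tStamp)

	return Outcome{
		SignerVerifies:     Verify(idPub, msg, ds),
		ForgerVerifies:     Verify(idPub, forgedMsg, forged), // indistinguishable from the real one
		DeniableWithoutTSA: Repudiable(tsaPub, doc, nil, tPublish),
		DeniableLateKey:    Repudiable(tsaPub, doc, &tok, tPublish), // key published after stamp: denial fails
		DeniableEarlyKey:   Repudiable(tsaPub, doc, &tok, t0),       // key public before stamp: denial holds
	}
}

func main() {
	fmt.Printf("%+v\n", Scenario())
}
```

Both the genuine and the forged signature pass Verify with the same certificate, which is the whole point of the scheme: the certificate proves the identity key endorsed the ephemeral key, not that the identity holder produced any particular signature. The self-asserted NotBefore never enters the Repudiable decision, matching the first case above (any timestamp, no proof); only a token from a trusted TSA pins the document to a time, and then denial survives only if the key was demonstrably public before that time.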
