On Mon, 5 Feb 2007, Oded Arbel wrote:
That doesn't work with simple session only encryption, and what I don't understand is how they both offer assurance and deniability, if the next time I'm talking with the same guy I can be assured of his identity but he can later claim that it wasn't him.
Think about how the unique session key is generated: a pubilc key exchange occurs, with or without second factor authentication (on the phone as you said), then a session key is generated and used based on this. The session key is used only once and then destroyed. The next time you connect you cannot in theory know that you are talking to the same person without using the second factor again imho (otherwise you are relying on communication possibly crypted with a private public key sent during the second factor communication). Deniability relies on both sides destroying the session keys immediately after use, the server not storing or saving any. After the fact, only a lie detector can find out if you did talk to the other guy. Of course anybody having run a packet sniffer all the time on either connection (and having listened in on the phone) will only pretend to be using the lie detector since he already knows what he needs to know.
Peter ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
