Hi, normally I just read this list but something just came up in a conversation and I can't find any existing solutions:
Let's say A wants to talk with B privately (not necessarily securely, but there can't be witnesses since the content of the conversation may contain private matters). The problem is that B has a history of lying about such conversations, so A wants to be able to prove as much as becomes necessary to deflect allegations, but also little as possible to protect the privacy of either side or third parties (or the other way around, as usual the solution would ideally be symmetric). It's possible to use OpenPGP to get somewhat near the intended behaviour, but the chunks that would become unverifiable would become very large. (If you quote the last message you received and go for a strictly alternating conversation you lose unilateral proof for two messages for any redaction in them.) Ideally it would be possible to redact (but not reorder!) on word boundaries without revealing how much was redacted, while also not publishing signatures for the redacted parts (since they would be short and too easy to brute-force, at least as I understand the topic). I can sort of imagine a scheme that would allow this, but it would have relatively heavy overhead and is far from anything I know in terms of existing programs. (Basically it would create signed versions for all eventualities, at least per message, during the conversation.) It would be great if any of you knew a tool that allows a conversation of this kind to take place. Tamme _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
