Quoting Michael Rogers <[email protected]>:
On 17/04/15 20:08, Trevor Perrin wrote:
IMO there's a useful notion something like "don't leave signed
messages around by default" and then stronger academic notions around
the idea of "interacting with Alice doesn't give Bob anything he
couldn't simulate", which are somewhat dubious (again, IMO) since once
you start considering that Bob is actively trying to defeat Alice's
deniability he could simply share his private key with the 3rd-party
judge and have the judge execute the protocol as him.
"Don't leave signed messages around" is fine for now.
What is your opinion if I there are signed messages around but also the
private key with which the message was singed? Would that meet your notion
of deniability?
Berkant
--
http://cryptolounge.net
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
