On Tue, Feb 19, 2013 at 10:58 AM, Ileana <[email protected]> wrote:
> Another note on this: doesn't this destroy your "plausible
> deniability"? If there is some DSA key stored on my computer, that I
> keep showing to everyone I chat with, and is recoverable if my computer
> is seized...what is deniable about that?
>
> Until someone can explain that to me, I prefer to generate new keys for
> each communication session.

That key is never used to sign your communications. You end up effectively only signing short lived symmetrical keying material.

Basically an attacker can show that at some point you participated in a conversation with a particular symmetrical key... but he could gladly use that same symmetrical key on as many conversations as he likes, even ones not involving you... and he can freely author conversations authenticated with that key, even ones you're not a part of. OTR even includes tools to make forged conversations, so the ability to modify a capture is not just hypothetical.
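
The property described in the reply above, as an added example that is not part of the original message and is not OTR code: a symmetric MAC tag verifies identically no matter which key holder wrote the text. HMAC-SHA256, the key derivation, the names and the sample messages are assumptions constructed for illustration, not OTR's wire format.

```python
import hashlib
import hmac

# Constructed stand-in for the short-lived symmetric key a session agrees on.
SESSION_MAC_KEY = hashlib.sha256(b"constructed session keying material").digest()


def tag(mac_key: bytes, message: bytes) -> bytes:
    """Authenticate one message with the shared symmetric key."""
    return hmac.new(mac_key, message, hashlib.sha256).digest()


def transcript_verifies(mac_key: bytes, transcript) -> bool:
    """All a third party holding the key can check: every tag is valid."""
    return all(hmac.compare_digest(tag(mac_key, m), t) for m, t in transcript)


def author_transcript(mac_key: bytes, messages):
    """Any holder of the key can produce a fully valid transcript."""
    return [(m, tag(mac_key, m)) for m in messages]


def rewrite_capture(mac_key: bytes, capture, index: int, new_text: bytes):
    """Replace one captured message and recompute its tag with the same key."""
    edited = list(capture)
    edited[index] = (new_text, tag(mac_key, new_text))
    return edited


# Constructed sample conversation (hypothetical participants).
GENUINE = author_transcript(SESSION_MAC_KEY, [b"alice: see you at 10", b"bob: ok"])
# The same key used on text the first participant never wrote.
REWRITTEN = rewrite_capture(SESSION_MAC_KEY, GENUINE, 0, b"alice: something else")
INVENTED = author_transcript(SESSION_MAC_KEY, [b"alice: never said this"])

if __name__ == "__main__":
    for name, t in (("genuine", GENUINE), ("rewritten", REWRITTEN), ("invented", INVENTED)):
        print(name, "verifies:", transcript_verifies(SESSION_MAC_KEY, t))
```

All three transcripts verify, so a valid tag shows only that some holder of the session key produced the text, not which one.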
