Re: E-mail with deniable authentication

[Mario Castelán Castro]

On 01/09/17 08:31, Andrew Gallagher wrote:
> On 31/08/17 03:35, Mario Castelán Castro wrote:
>> Writer and recipient have a Diffie-Hellman key over the same group and
>> know each other's public key.
>>
>> The writer computers the shared secret per the DH algorithm
> 
> This is the real trick though - the DH algorithm requires two-way
> synchronisation in advance of sending the payload. This is easy enough
> with a realtime connection, but much harder with email.

Diffie-Hellman may be used interactively, but it is not necessary.

See the specification of Diffie-Hellman over an elliptic curve emplyed
for *encryption* in OpenPGP as described in RFC 6637
). There is a summary of
the protocol in page 8. Note how it requires no “two-way
synchronization”. As described here, the sender generates an ephemeral
key. If the sender uses *his* ECDH key instead of an ephemeral one then
the shared secret can be used to derive the key of a MAC algorithm and
used for deniable authentication.

Obviously there is the requirement that the receiver knows that the key
used by the sender really belongs to the sender and not an impersonator.
This is a general requirement in public key cryptography also applicable
for digital signatures.

> And as others have pointed out, plausible deniability isn't a panacea.
> It's only really useful in the case where your adversary must prove
> their assertions to an independent fourth party beyond reasonable doubt.
> It might keep you out of jail in a well-functioning democracy, but it
> won't save you from the mafia, the CIA or Kim Jong Un.
I am well aware of that. Although deniable encryption is not a panacea
it is an improvement. It gives less power to the correspondent to blackmail.

-- 
Do not eat animals; respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Bitcoin private key from GnuPG secp256k1 secret key?

[Stefan Claas]

On Thu, 03 Aug 2017 07:00:04 +0900, NIIBE Yutaka wrote:

> If someone will make transaction to that address for some amount, I
> would resume the development again. :-)

As a little proof of concept i converted my sub signing key to
a private Bitcoin WIF key and send you some Satoshi. :-)

Here you can see that i did it:

https://blockchain.info/address/12rY4qgjXbL3h8gCSaJUJMJ9g9TaPtypC4

People who want to check if it was really me, who did the transaction,
can do the following:

Step 1 : Download my public key from key servers.

Step 2 : Do a gpg -k --with-colons --with-key-data  "Stefan Claas"

Step 3 : When GnuPG list my pub key data look for: sub:u:256:19:
and copy the data string after pkd:1:515:

Step 4:  Visit http://gobittest.appspot.com/Address
and paste in step1 the copied data from my pub key and
press send. In field 9 you can see the Bitcoin address of my
sub signing key. 

People can omit steps 2 - 3 and use Niibe's script. I however was
not able to use the script, because it gave me no output... :-(

The Bitcoin address of my public sub signing key matches the
address as show in the transaction. :-)

Best regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas


pgpn7_Abaqoed.pgp
Description: Digitale Signatur von OpenPGP
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Questions about particular use cases (integrity verification w/o private key, add E flag to primary key, import secp256k1 key)

[Robert J. Hansen]

> I thought you could also tell how many keys it was encrypted to, from
> the output of gpg --list-packets.

Nope.  You can tell how many subkeys it was encrypted for, but not how
many distinct certificates those represent.  If one recipient has 10
subkeys and you encrypt to all 10, there will be 10 packets awaiting
you... but there's no way to determine these all correspond to one
certificate.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Questions about particular use cases (integrity verification w/o private key, add E flag to primary key, import secp256k1 key)

[MFPA]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On Tuesday 29 August 2017 at 2:24:18 PM, in
, Shawn K.
Quinn wrote:-


> No, that's the whole point of throw-keyids. All
> you're supposed to be
> able to tell when using that option, is that none of
> your keys will
> decrypt the message, so it's not for you.

I thought you could also tell how many keys it was encrypted to, from
the output of gpg --list-packets.




- --
Best regards

MFPA  

I'll tell you what's the matter!  This parrot is dead!
-BEGIN PGP SIGNATURE-

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCWaqrDF8UgAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+i9TAP9wHrrVApzeItibVUOzPGo6dF0Q1xWUdzhl2Gf+Fut6XgEA2DscZI9yyPwi
uzNpkEWlyk3Wp863KyXKvSUK3EZR5g2JApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCWaqrDF8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/wZSD/0UrzNDD8KQTwFU1P1YKtQlTM0i
1egLTxx3a4eukon0Cl3H3pniSQNXgtxP8A7BzkNKvWiKT661++WcqB5sQE/Fj9lX
O6zMGLfuKypdTXPC69h7i9rRS4D/yawgAtEIr5Fw2Cj4uUEbBBymQlLlTXUGdmyz
wDTNWWX1V/bTPl4yjZOnYrkD2sd1D2bOTqF9AnInrjARr1lJHZDztEtgKk9y2P5X
JjyI6IQORG6CEoKOraMP3FgK4p5+uFzcpMx7wj7QqgDb80oaRoGLn9eccZKl7OjP
ZHGronabhiVQCAvG1YoeAzusXszmhRxbUOXDsvmQ1/vTyU7/sz+exRaNmSCPN1r7
64M8uuxdYAbkSa1fQ+JbXjbb6hfpwrefASFRYy3wWcUfFecNg6suKCypSFJ6QrVj
q/tp3O6OB6mDoPFZZKXn+FUy0S7G7PNGp8quIUvc7vNRomPXdvz8zq18nO4HXKsX
Pkb5swwBfJkQeXhYGv+wgYCOPDR9+TeK2ZO4csmOUrdqkxsmqgskmjUvrJBiJFuv
BDX+uPkr60iwpzECadxMy9n+iD4jYvsrJxJu8PCJVp6g1m2iWfBmZGM0kLGEhuJF
uCZf4w6w18WWRgatfuwzRsRvCSVFLWx864fsLugVEu/krJ0upieKYZoP/1rGMh8i
H9qMsAgkv9cvWH0T6g==
=mygj
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users