Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>Anyone can forge messages after a conversation is complete to make them look like they came from you.

"I didn't send those messages your honour. Someone forged them. I am a victim of a conspiracy!"

"Do you have any evidence that this actually happened?"

"No."

"...moving right along..."

It will be fun if someone from this actually tries a cryptogeek argument in real life...



Ross Ulbricht tried essentially that defense.


Exactly. The tricky part of plausible deniability is that it needs to actually be plausible. People very often screw this part up. EG they'll make a TrueCrypt/VeraCrypt hidden volume, but then won't modify the outer volume with the same access patterns to hide their usage of the hidden volume.


Doesn't this put the burden of proof on the accused?


People have been claiming they have been framed since forever. If claiming you were framed with zero proof actually helped in any way then every one would do it and much time would be wasted.

In the case of a crypto forgeablity argument there will never be any proof. It will always be a false claim. It is a silly idea.


> People have been claiming they have been framed since forever.

Yes they have, but they have been doing so in the face of circumstantial evidence: DNA, fingerprints, blood, whatever. Or eyewitness evidence: someone saw you go in the building at such and such time (perhaps there is a surveillence video).

If someone has nothing of the sort on you and their entire claim is that you wrote some digital message, I'd think the onus would be on them to prove their extraordinary claim somehow.


Just like with any other evidence. My point is that the possibility of forgery makes no difference at all to that.


A piece of digital text isn't a forgery; there is no concept of authenticity in it in the first place to serve as a backdrop legitimizing the use of the word "forgery". It's not like planting someone's hair, or imitating their signature. You need absolutely nothing from the victim, and to expend no effort.


The concept seems to have come from the original off the record (OTR) messaging proposal. The concern was that, say, a PGP signature could create a situation where there was objective proof that someone had created a particular message. By making forgery possible the theory was that someone could disclaim the message. I have been writing some PGP fandom articles lately which is why I am up on the subject. The relevant articles:

* https://articles.59.ca/doku.php?id=pgpfan:off_the_record

* https://articles.59.ca/doku.php?id=pgpfan:repudiability

So I am not disagreeing with what you said, it supports my contention that forgability is a silly cryptographic feature if there is no proof in the first place.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: