Bio: Gregor Kopf joined the Recurity Labs team in early 2008. Prior to Recurity Labs, Gregor worked as a freelancer for a number of large customers. Gregor is experienced in source code audits, black box analysis and penetration testing. He also performs software/system design work at Recurity Labs. Besides customer engagements, Gregor works on internal research projects, where he applies his taste for cryptography.

Recent cryptographic primitives and protocols offer a wide range of features besides confidentiality and integrity. There are many protocols that have more advanced properties, such as forward secrecy, deniability or anonymity. In this talk, we’re going to have a deeper look at deniability in messaging protocols. One protocol that claims to offer deniability is OTR. Our goal is to show the limits of deniability, especially in protocols that offer message integrity features (as OTR does). We will do this by constructing a protocol that enables each partner in a conversation to cooperate with an observing party, such that the partner can prove to the observing party the authenticity of any message that was part of the conversation. Although our construction can probably be extended in a quite general way, we’ll stick with OTR as an example protocol.