Plausible deniability

From Bitmessage Wiki
Jump to: navigation, search

Plausible deniability is an important part of bitmessage.

Reasons

Messages are not only encrypted, but also signed with the senders address. This prevents strangers to claim to be a specific person but it also might cause trouble. if a message is decrypted and the signature is verified, the content of the message can be used against the sender, especially if his physical location is known.

Actions

Actions for plausible deniability

Deleting

The simplest step is the deletation of the Address Block in keys.dat. It removes the address from the system so it can no longer be used to send or receive messages. With sophisticated data recovery methods (especially on modern file systems) the address block might be recoverable. If the address block is deleted and no messages are sent anymore from it, it probably makes investigators suspicious.

Publication

Sometimes called nuking because of the consequences. A more efficient way is to make the specific address block public. The easiest way is to send it to a widely used Mailing List or DML. It allows the user to pretend, that this is a public address or that he never used it at all. If at least one user copies the address block to his keys.dat, the client starts accepting messages and answers messages.

Consequences of nuking:

  • Impersonation: Everybody can claim to be the rightful owner of the address and can do whatever he wants.
  • Decryption: Every message that was sent to the nuked address can be decrypted by everyone, provided it still exists. Messages are deleted after 2.5 days, but a backup copy might exist somewhere.

This system is actively used on bitmessage.ch.

References

Wikipedia: Plausible deniability