slugrJul 24, 2025

Can this messaging protocol achieve cryptographic deniability?

https://leminal.space/post/23416713

Can this messaging protocol achieve cryptographic deniability? - Leminal Space

I’m designing an identity-less, ephemeral messaging protocol where messages can be forged after-the-fact. The goal is protection against coercion or device seizure scenarios. Core mechanism: * Session keys derived via SPAKE2 from shared secret * ChaCha20 encryption with deterministic nonces: sequence || timestamp * HMAC authentication during conversation Forgery capability: Anyone with session keys can create alternative messages using the same sequence/timestamp that decrypt to different content. My question: Does this actually achieve cryptographic deniability? Are there ways someone could distinguish a real conversation transcript from a forged one? I have a working prototype and want to validate that the approach is sound.

Show threadgrey_maniacJul 24, 2025
Do your forged conversations maintain linguistic integrity? i.e., do they make sense, hold together over the fake conversation, and match the personas of the participants? Digitally testing as valid is one level. If a human reads it, will it still pass?
Show threadslugr

that’s on the person forging, it’s not doing any crazy forging on its own. it could, but like you said, i think that’d run into an issue of not being believable by not matching the personas and conversation context. that said, my belief is you probably don’t need perfect forgeries, just the ability to create plausible ones.

there’s still lots of open questions around usability and the practical deniability of it, just want to make sure the crypto side makes sense.

Jul 24, 2025 at 6:32pmWeb