As far as my understanding goes, MACs are used to determine whether the received message comes from a source with access to a MAC key, which both parties know.

Some crypto protocols reveal their used MAC keys after using them for message exchange (e.g., OTR). Explanations I have read often say that revealing MAC keys after using them creates the possibility of a third-party attacker gaining access to these keys and thus being able to also calculate the MAC. This leads to me not being able to prove to anyone who actually sent the received message, since now everyone can calculate the MAC of it (including myself).

Now let's say Mallory can record my conversation with Alice. Mallory can also record the timestamps of when I sent a message to Alice and when Alice sent a message to me.

After the conversation, she wants to prove to me that I have been talking to Alice and shows me the timeline record of our conversation + MAC key. Since I revealed the used MAC keys after the conversation, I can't prove to her whom the messages were coming from since now everybody can calculate the MACs for the messages. But Mallory can prove to me the exact timely order of the message exchange + which MAC key was revealed at which time.

Does this eliminate the fact of gaining deniability through revealing MAC keys?

Furthermore, by revealing the MAC keys, is Mallory now able to prove for sure that the messages were coming from either Alice or me, since revealing the key only takes place after sending a message to the other party?

In particular, I am thinking about my country where ISPs are bound by law to data preservation and so can prove to you the timely order of a message exchange.
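To make the deniability argument concrete, here is an added example (not from the question or from OTR's code) that simulates the "reveal the MAC key with the next message" pattern: a passive observer who logs sender, timestamp order and tags can verify the transcript, but can equally well rewrite any message and recompute its tag, so the verified transcript is no evidence of who said what. HMAC-SHA256 and the one-key-per-message schedule are simplifying assumptions, not OTR's exact construction.

```python
import hmac
import hashlib
import os

def mac(key: bytes, message: bytes) -> bytes:
    """Tag a message with HMAC-SHA256 (assumed construction, standing in for OTR's MAC)."""
    return hmac.new(key, message, hashlib.sha256).digest()

def make_transcript(messages):
    """Simulate the exchange as a passive observer (Mallory) records it.
    Each message is MACed under a fresh key; the key used for message i is
    published together with message i+1, and the last key in a closing record.
    'sender' is what the observer saw on the wire, not something the MAC binds."""
    transcript, prev_key = [], None
    for seq, (sender, text) in enumerate(messages):
        key = os.urandom(32)
        transcript.append({"seq": seq, "sender": sender, "text": text,
                           "tag": mac(key, text), "revealed_key": prev_key})
        prev_key = key
    transcript.append({"seq": len(messages), "sender": None, "text": b"",
                       "tag": None, "revealed_key": prev_key})
    return transcript

def verify_transcript(transcript) -> bool:
    """Everything a third party can check: each tag verifies under the key
    revealed in the following record. Passing says only 'someone with the key
    produced this', and after revelation that is anyone holding the log."""
    for i in range(len(transcript) - 1):
        key = transcript[i + 1]["revealed_key"]
        if not hmac.compare_digest(mac(key, transcript[i]["text"]), transcript[i]["tag"]):
            return False
    return True

def forge_transcript(transcript, replacements):
    """Mallory, holding nothing but the logged transcript (including revealed
    keys and timing order), substitutes message texts and recomputes the tags.
    The forged log keeps the same senders, sequence and key-reveal positions."""
    forged = [dict(rec) for rec in transcript]
    for i, new_text in replacements.items():
        key = transcript[i + 1]["revealed_key"]   # already public in the log
        forged[i]["text"] = new_text
        forged[i]["tag"] = mac(key, new_text)
    return forged

def tamper_without_key(transcript, i, new_text):
    """Contrast case: changing a message but not its tag fails verification,
    which is why the MAC still authenticates *during* the conversation."""
    tampered = [dict(rec) for rec in transcript]
    tampered[i]["text"] = new_text
    return tampered
```

The real log and the forged log both verify and carry identical sender and ordering metadata, so a preserved timeline of "who sent what when, and which key was revealed when" is consistent with either one; only the pre-revelation recipient knew the tag was fresh.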

0 Answers