[52032] in Cypherpunks
Re: Remailer passphrases
daemon@ATHENA.MIT.EDU (Bill Frantz)
Tue Mar 12 15:55:14 1996
Date: Tue, 12 Mar 1996 12:30:06 -0800
To: perry@piermont.com
From: frantz@netcom.com (Bill Frantz)
Cc: cypherpunks@toad.com
At 2:51 PM 3/12/96 -0500, Perry E. Metzger wrote:
>Bill Frantz writes:
>> One of the reasons classical (government) crypto users change keys
>> frequently is to minimize the amount of data compromised by a broken key.
>> We keep hearing about NSA decrypting 20 year old cyphertext and showing
>> more of the workings of the atomic spy rings operating in the 40s and 50s.
>> If an opponent can rubber hose the key, her job is easy. If she has to
>> perform cryptoanalysis, it is much harder. Remailers should regularly
>> change their keys to avoid compromising previously recorded traffic. (They
>> can have a long lived key for signing their traffic keys.)
>
>Signed Diffie-Hellman key exchanges have the property known as
>"Perfect Forward Secrecy". Even if the opponent gets your public keys
>it still will not decrypt any traffic for him at all -- it just lets
>him pretend to be you. Thats one reason why protocols like Photuris
>and Oakley use the technique.
Unless I am badly mistaken, these exchanges need interaction, which makes
them unsuitable for simple remailers.
Regards - Bill
------------------------------------------------------------------------
Bill Frantz | The CDA means | Periwinkle -- Computer Consulting
(408)356-8506 | lost jobs and | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA
