[18887] in cryptography@c2.net mail archive

Re: gonzo cryptography; how would you improve existing cryptosystems?

daemon@ATHENA.MIT.EDU (Jon Callas)
Wed Nov 9 17:41:43 2005

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <d4f1333a0511041723w3376f0d4l314f33cec6421b06@mail.gmail.com>
Cc: cryptography@metzdowd.com, cypherpunks@jfet.org
From: Jon Callas <jon@callas.org>
Date: Wed, 9 Nov 2005 14:27:46 -0800
To: Travis H. <solinym@gmail.com>

On 4 Nov 2005, at 5:23 PM, Travis H. wrote:

> For example, pgp doesn't hide the key IDs of the addressees.

But OpenPGP does. Here's an extract from RFC 2440:

5.1. Public-Key Encrypted Session Key Packets (Tag 1)

[...]

    An implementation MAY accept or use a Key ID of zero as a "wild card"
    or "speculative" Key ID. In this case, the receiving implementation
    would try all available private keys, checking for a valid decrypted
    session key. This format helps reduce traffic analysis of messages.

Now, there has been much discussion about how useful this is, and  
there are other related issues like how you do the UI for such a  
thing. But the *protocol* handles it.

You might also want to look at the PFS extensions for OpenPGP:

<http://www.apache-ssl.org/openpgp-pfs.txt>

and even OTR, which is very cool in its own right (and is designed to  
take care of the sort of edge conditions all of these other things  
have):

<http://www.cypherpunks.ca/otr/>

	Jon


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
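
The Key ID zero handling in the RFC 2440 extract above, as an added example that is not part of the original message or of any OpenPGP implementation: it parses a Tag 1 packet header and body, then picks which private keys a receiver would try. The names `parse_pkesk`, `candidate_keys`, `build_pkesk` and `KEYRING` and all sample bytes are constructed for illustration, and no decryption is performed; a receiver would go on to attempt decryption with each candidate and check for a valid session key.

```python
WILDCARD_KEY_ID = bytes(8)  # Key ID of zero: "wild card" / "speculative"

def parse_pkesk(data: bytes) -> dict:
    """Parse one RFC 2440 Public-Key Encrypted Session Key packet (Tag 1)."""
    if len(data) < 3 or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet header")
    ctb = data[0]
    if ctb & 0x40:                        # new-format header
        tag, first = ctb & 0x3F, data[1]
        if first < 192:                   # one-octet length
            length, off = first, 2
        elif first < 224:                 # two-octet length
            length, off = ((first - 192) << 8) + data[2] + 192, 3
        else:
            raise ValueError("unsupported length encoding")
    else:                                 # old-format header
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        size = 1 << ltype                 # 1, 2 or 4 length octets
        length, off = int.from_bytes(data[1:1 + size], "big"), 1 + size
    body = data[off:off + length]
    if tag != 1:
        raise ValueError(f"expected tag 1, got tag {tag}")
    if len(body) != length or length < 10:
        raise ValueError("truncated packet")
    if body[0] != 3:
        raise ValueError("unsupported PKESK version")
    return {"key_id": body[1:9], "algorithm": body[9], "esk": body[10:]}

def candidate_keys(packet: dict, keyring: dict) -> list:
    """Return the private keys worth trying for this packet."""
    if packet["key_id"] == WILDCARD_KEY_ID:
        return list(keyring.values())     # speculative: try every private key
    key = keyring.get(packet["key_id"])
    return [key] if key is not None else []

# Constructed sample data (not from the page): two key IDs with placeholder labels.
KEYRING = {bytes.fromhex("1122334455667788"): "alice-priv",
           bytes.fromhex("99aabbccddeeff00"): "bob-priv"}

def build_pkesk(key_id: bytes) -> bytes:
    body = b"\x03" + key_id + b"\x01" + b"\x00\x08\xff"  # v3, key ID, RSA, dummy MPI
    return bytes([0x84, len(body)]) + body                # old format, tag 1
```

With a named Key ID the packet itself tells an observer which key it is addressed to; with the zero Key ID the receiver pays for that privacy with one trial decryption per private key held.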
