[119102] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: Worthless Disappearing [Self-Destruct E-mail]

daemon@ATHENA.MIT.EDU (AMP)
Thu Oct 14 22:58:41 1999

Message-ID: <380694E3.AE5AF861@pobox.com>
Date: Thu, 14 Oct 1999 21:43:47 -0500
From: AMP <amp@pobox.com>
MIME-Version: 1.0
To: cypherpunks@cyberpass.net
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Reply-To: AMP <amp@pobox.com>

Greg Broiles wrote:
> 
> On Wed, Oct 13, 1999 at 06:29:06PM -0400, Sunder wrote:
> > This is totally worthless no matter how it is implemented.
> >
> > As long as the email can be displayed on a system on which you have
> > administrative control over the display, you can capture the email display.
> > Simple as taking pictures, or using a VCR to record your Playstation games.
> 
> It's not "totally worthless"; it should not be intended as providing
> protection against deliberate archiving, but as protecting against
> accidental retention of something which by policy should have been
> deleted.
> 
> --
> Greg Broiles
> gbroiles@netbox.com


Why even bother to buy into a service that has this feature when you
can't be =sure= that the keys are =really= deleted. The paranoid might
say that this could easily be a front for TLA of USGOV to sucker people
into a false sense of security.

Why not just implement the same thing oneself?

Lets say that you have 3 Freedom Fighters (FF) in a cell, and they want
to use PGP but want to limit their exposure to TLA in case same manages
to Rubber Hose one member of the cell into disclosing his key and
passphrase.

PGP could easily be used to generate and use keys that only last one
week and are destroyed by FF(a), FF(b), and FF(c) each week. (Or
whatever frequency their paranoia so leads them to choose).

It's January 1,2000. Each FF generates a key. Key IDs for weekly
rotation might be FFa12000, FFb12000, and FFc12000. On the 8th, of
January, FFa generates a new key (FFa22000), signs it with FFa12000, and
sends it to FFb and FFc. His compatriots do likewise. Upon receipt of
the new keys for FFb and FFC, he checks the signatures on the new keys
then destroys the secret and public key for FFa12000 and the public keys
for FFb12000 and FFc12000 by burning the floppy they reside upon.

Going forward, providing each member is careful not to leave plaintext
of their plans to resist FEDGOV and their various and sundry TLAs, they
have effectively implemented "self-destruct email and files". 

FEDGOV raids FFa12000, in July 2000 and all it can possibly recover is
this weeks mail and/or files (assuming FFa isn't able to destory the
keys before they can get their goose-stepping hands on it).


This would be fairly easy for a small number of individuals to
implement. For a cell structure it could probably work well if FFa,b,
and c were cognisant of the issues with cryptography. For larger numbers
it would quickly become pretty difficult to manage though.

They could post the keys through anonymous remailers to newsgroups to
hide their identity of course. It would also be easy enough to use some
of the various anonymous websurfing servers to post the keys to a
dead-drop like a webpage or something similar. 

MITA attacks would be minimized by the signature verifications.
Subverting one FF or more would blow the whole deal, but that is pretty
much the case anyway.

If DOS attacks are mounted to impede the exchange of keys, they would
have to have mechanisms to securely tranfer keys in meatspace.

One might say that they could use the automatic expiration of keys
through PGP, but this doesn't buy them the desired security that their
level of paranoia  and desire for absolute denyability of the ability to
decrypt previous data dictates. 

Questions, Comments or Suggestions welcome


-- 
amp@pobox.com
http://zeugma.nu/

What part of "shall not be infringed" do you not understand?

"Come and take it!"


home help back first fref pref prev next nref lref last post