Standards and PGP wraper
nb at thinkcoach.com
Fri Nov 13 11:10:57 CET 1998
Matthew Skala <mskala at ansuz.sooke.bc.ca> wrote:
> Wouldn't it be better to reveal the session keys for the messages in
> question, rather than your secret decryption key which can be used to
> decrypt any messages?
Yes: Much, much better!
So this would suggest two new functions of gpg:
a) Save session key of a given encrypted message to a file (this
requires possession of one of the secret keys the message was
b) Decrypt a given encrypted message using a seesion key from a
file (does not require possession of one of the secret keys
the message was encrypted for).
I suppose this would also provide a way of complying with search
warrants etc. without compromising any of the keys on your secret
However if the persecution wants to get at all my encrypted stuff
and not just that for which they have a search warrant, they might
have the resources to use a TEMPEST attack aginst me and/or have my
Here is an alternative to the ideas above, which is feasible even
without adding new features to pgp or gpg:
* Any information which is so confidential that you wouldn't even
want to make it public when presented with a search warrant (or in
the alternative scenario which I outlined) should be committed to
(human) memory and then the on-disc copy should be deleted
immedately (using a file deletion tool which overwrites the file's
location on disc with random data very often.)
* Any information which you'd be willing to reveal in such extreme
circumstances would be stored on your computer encrypted with an
additional set of keys which you'd never use for signing anything,
and which you'd be willing to sacrifice under such exceptional
circumstances. (In cases of high paranoia you might want to create a
new set of "sacrificable keys" every week.)
The drawback of this method is that you cannot use it if such
exceptional circumstances surprise you unprepared.
May blessings from the eternal God surprise and overtake you!
Norbert Bollow, Zuerich, Switzerland. Backup e-mail address: NB at POBOX.COM
More information about the Gnupg-devel