Encrypting / Signing the mail subject?

Stephan Petson gpg at nym.mixmin.net
Sun Jan 18 02:11:37 CET 2015


On Sat, 17 Jan 2015 15:26:46 +0100, Hanno Böck <hanno at hboeck.de>
wrote:

>I had hoped to solve this with very little complexity, but it turns out
>there are probably more things to worry than first thought.

Hi Hanno,

there's the Omnimix proxy server with its Whole Message Encryption.
It encrypts the complete message including the (filtered) header
section, which means the complexity of its MIME structure doesn't
matter at all.  By adding a random quantity of dummy load prior to
encryption even the net size of your mail can't be assessed by an
adversary.  The message to be sent consists of an envelope
containing merely the destination address(es) and optionally a
meaningless subject followed by a body with a single PGP text block.
The recipient finally either also uses that mail proxy to remove the
encoding layer and forward the result, or he manually decrypts the
message with a subsequent import into his mail client.

http://www.danner-net.de/om.htm
https://en.wikipedia.org/wiki/Anonymous_remailer#Remailer_software

Regards, S.P.



More information about the Gnupg-devel mailing list