Encouraging email security.
Daniel Carrera
dcarrera@math.umd.edu
Sun May 18 01:41:02 2003
I was thinking about how most people have no understanding or interest in
email security. OpenPGP is hard enough to understand and use that getting
the majority of the population to use it seems a formidable task.

I thought of a compromise that might be a step forward. I was hoping that
those who know more about this than I could offer an opinion.

There could be a mail client with the following properties:
1) Automatically creates a pre-defined key setup (e.g. 4096 RSA,
   1024 DSA, 2048 ElGamal).
2) Automatically signs and encrypts emails (when the pub key is
   available).
3) Here is the big one:
   It stores the user's password on the hard disk, in the style of
   Mozilla, so that the user doesn't have to type it. It all happens
   automatically.

This would be a significant down compared to the proper use of OpenPGP,
but a significant up compared to what exists today. Now emails would go
around signed and encrypted. In order to read a message an attacker would
have to get the password from the recipient's hard drive. A determined
attacker could certainly do that, but the casual one would not.

Today's email system is about as secure as a postcard.
This alternative would raise the bar somewhat above sending mail in a
sealed envelope. It raises the effort needed to eavesdrop on a
conversation or impersonate someone.

Any thoughts?
--
Daniel Carrera | OpenPGP fingerprint:
Graduate TA, Math Dept | 9B32 660B 0557 7D7D 5892 0036 D591 4D05 2938 1B7E
UMD (301) 405-5137 | http://www.math.umd.edu/~dcarrera/pgp.html