Encouraging email security.

Daniel Carrera dcarrera@math.umd.edu
Sun May 18 23:44:02 2003


> >>I do not know how to get around this cultural gap...
> >
> >It's not so much a cultural gap, as computer illiteracy.
>
> I believe this to be an extremely important point, as it determines
> what (if anything) is worth undertaking. I subscribe to the
> "cultural gap" school. Stated simply, those that have no interest
> in keeping their mail private now will not change their mind
> anytime soon.

As with most things, there is a continuum of interest.  The smaller the
effort required to use encryption the more people will use it.


> The solution is not a more automated force-feeding of the same complex
> system onto unwilling and unprepared, the solution is a simpler, easier
> to use and understand public key encryption program, targeting an
> entirely different cost/benefit point of balance.

I agree, 100%.

Indeed, I know of a certain group of people who would JUMP at GPG if it
were easily accessible to them.  Allow me to elaborate:

I am a Christian.  Sometimes, some of my Christian friends go to the
third world to perform humanitarian work in places where Christians are
persecuted.  Just last month someone I know departed to a "secure" region
of the world where, if her faith were discovered, her life would be in
danger.

Furthermore, the email coming into this particular place is routinely
screened for Christian words.

The need for secure communication is nowhere as obvious as here.

Because of this, she gave everyone a "thesaurus" which maps Christian
words to other words, some of them made up, that shouldn't be picked up by
the screening computers.

When I heard her describe this I was shocked.  What she is describing is
the most archaic type of encryption possible.  I talked to her after the
talk.  She actually does know about encryption, she knows what PGP is and
she uses it with a tiny group of people.  She explained to me that it just
wasn't a viable option for the bulk of the population who have no
knowledge of it.

If GPG were more popular, we could all just have given her our
fingerprints (or just key IDs!) and ensured a much more secure form of
communication.

I intend to converse with my pastor at some point, so that future
missionaries will be able to use GPG when they try to do humanitarian work
in sensitive areas of the world.  But first, I want to find the easiest
way to get them to use GPG.  The problem is that for this to work we'd
need to get ALL of the prayer partners (~40 people) using it.

That's part of why I'm keen on finding the path of least resistance
towards encrypted communication.


> In a very rough form, the salient characteristics of such
> program would IMHO be:
>
> Only encryption/decryption, no message signing/authentication.

I don't see how signing/authentication complicates anything.
The concept is really simple, and if it happens automatically it requires
no extra effort.  Simply have the MUA sign all email, and verify all
signed email, period.

> No cipher/key width choice.
>
> No control of public key exchange and authentication.
> Public keys are simply computer files, passed around as one
> would pass around (for instance) his digital photos.

I agree.  We also need to find an easy way to pass the keys around.
That's why I advocate the keyID-based method.  Pass around key IDs and
have the MUA download the keys from a server.


> Medium (instead of computer) resident, no installation,
> mobile-use-friendly.

I'm not sure I understand this one.


> Functions that a user of such program would be able to
> perform would be limited to 4 (four):
>
> 1) Generate key-pair.
>
> 2) Generate and display human-readable key hash.
>
> 3) Encrypt text.
>
> 4) Decrypt text.
>
> (and absolutely, ABSOLUTELY, nothing else... :)

I would add signing/authentication, but since it happens automatically
there is no "sign" or "authenticate" function.  No added complication.  It
just does it.

We can simplify (2) by simply making the MUA display the Key ID
somewhere on the UI automatically.  No option.  Just as it displays my
name and address when I'm writing an email, it would display my key ID.

Cheers,
--
Daniel Carrera         | OpenPGP fingerprint:
Graduate TA, Math Dept | 9B32 660B 0557 7D7D 5892 0036 D591 4D05 2938 1B7E
UMD  (301) 405-5137    | http://www.math.umd.edu/~dcarrera/pgp.html
