Secret key holder identity

Janusz A. Urbanowicz alex at bofh.net.pl
Fri Feb 23 14:35:22 CET 2007


On Thu, Feb 22, 2007 at 09:23:00AM +0100, Werner Koch wrote:
> On Tue, 20 Feb 2007 18:02, niknot at gmail.com said:
> 
> > If the system was designed for the real world, the encrypted message
> > would, by default, consist of a binary data set, indistingushable from a
> > random stream, until and unless decrypted using the recipient's private key.
> 
> A real world system needs to know the key for decryption and not fall
> back to a time consuming mode of trial decryption with all available
> secret keys.  Some people are using dozens or even hundreds of secret
> keys; in particular if you are using several pseudonyms or key
> rotating.
> 
> OpenPGP is not designed to thwart traffic analysis.  It has merely
> some provisions to help such a system

And the modern anti-terrorist research and operational practice shows, that
you dont need to know actual meessage to do law-enforcement-level-meaningful
traffic analysis.

Alex
-- 
JID: alex at hell.pl
PGP: 0x46399138
od zwracania uwagi na detale są lekarze, adwokaci, programiści i zegarmistrze
 -- Czerski



More information about the Gnupg-users mailing list