jerome at jeromebaum.com
Mon Mar 21 17:24:11 CET 2011
"vedaal at nym.hush.com" <vedaal at nym.hush.com> writes:
> Any adversary would question as to why the recipient continues to
> receive files undecryptable to him, and also why you are encrypting
> to additional keys, and to whom do they belong, etc.
So let's assume I'm not stupid enough to let that adversary know who I'm
sending the message to. Two options:
1. Use a newsgroup as you suggest below.
2. Randomly send messages that can't be decrypted to random recipients
to obscure matters. The adversary would have to cope with the fact
that I have stuff to hide. :)
> A simple way to do this using gnupg, would be something like the
>  Don't send the file to any recipient who requires deniability.
Yes, per above.
>  Instead of additionally encrypting the file to another key,
> additionally encrypt it symmetrically.
Why would I do that? That together with  that's exactly what gpg does
when using asymmetric ciphers.
>  Use the throw-keyid option when you encrypt to your key.
Yes, per my original suggestion.
>  Post the encrypted file to a newsgroup like comp.pgp.test or
> other group that allows test postings.
Yes, per above. But good idea to not use an anonymous group -- this way
I can say I was testing stuff.
>  Your plausible reason for encrypting conventionally in addition
> to your key, is your concern that you might one day lose your
I don't find that so plausible but yes, agreed that I can make up a
reason. Though I don't see the benefit in symmetric encryption at all
>  Your plausible reason for posting it to a newsgroup, is that
> you are concerned that 'cloud' organizations might go out of
> business, and this is a simple inexpensive backup.
Yes that, or testing.
>  Your plausible reason for using the throw-keyid option, is that
> since you are posting publicly, you prefer to remain anonymous.
I'd say it's a plausible reason to say "I want my privacy". But yes,
this is a good reason.
>  Use a *really good* passphrase (diceware 10 words, [ 7776^10 >
> 2^128 ] ), and find a way to securely make it known to the
Which is what would happen if I used asymmetric ciphers.
>  Since you are using such a 'good' passphrase, it is entirely
> plausible that you could 'forget' it. ;-)
Couldn't I also forget who the key encrypted to? However I might still
be forced to surrender the session key, so maybe encrypt-to-self isn't
such a good default?
> Consider very carefully who your threat model adversary is.
> You don't want to do this with Three Letter Agencies or criminals,
> whereas it might be OK for decent university administrations. :-)
For now just an abstract adverse adversary. :)
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 880 bytes
Desc: not available
More information about the Gnupg-users