symmetric email encryption

Hauke Laging mailinglisten at
Sat Jul 19 03:46:56 CEST 2014

Am Fr 18.07.2014, 13:49:54 schrieb Robert J. Hansen:

> If/when a key is compromised, all traffic that has been generated or
> will be generated with that key gets compromised, and there's no
> guarantee about whether you'll know the key is compromised -- so it's
> only sane to have an agreed-upon rekeying policy.  "Keys will be used
> for three days tops", for instance, limits your exposure to a
> three-day window, but it requires you to rekey every few days.
> Key management is a killer problem.  If you don't take it dead
> seriously it'll hug you and love you and name you George[*].

Are symmetric keys more probable to be compromised than asymmetric ones? 
Who even on this list makes a keyring update at least every three days?

I guess this discussion does not go well because of a misunderstanding 
or wrong expectations.

You and Ingo are talking about "real crypto" issues.

BTW: I had thought that meanwile my image here should be that I take key 
management (and other stuff) too seriously instead of not seriously 
enough. Usually I suggest something and the reaction is something like 
"Let's not make it more complicated; who is supposed to use it yet?"

What I am suggesting is neither an alternative to regular OpenPGP 
encryption nor meant as "real crypto" at all.

I think we all can agree that those 99% have decided not to use e2e 
crypto at all. Let alone real e2e crypto. Snowden has caused only a 
small change to that. I could tell you stories (a few days old) from 
German universities and IT security associations which would probably 
make you cry. So nobody knows if, when and why this may change. Maybe 
Ingo's suggestion does the job. Haven't herad about STEED for quite a 
while though. And I appreciate every effort in this area. But I don't 
think that it can be implemented only if mine is not...

I am talking about a feature for those who don't care to use crypto *at 
all*. I would like to offer something easy to these people. Not "easy" 
in a "You have 30 contacts and have to send 5 emails to each" scenario 
or even in a "well calculated" sense but "easy" as in

a) "You just have to install a software" (people are used to installing 
software and not afraid of it) and "You need not configure it"

b) "You just need a password." Everyone knows what a password is and 
isn't afraid of using one. Nobody knows what key pairs are and why you 
should authenticate them.

This is not a replacement feature for people who often encrypt mails. 
This is supposed to be for people who want to encrypt a single mail or a 
few of them. And these "I have no clue" people most probably do not 
expect the same security level from such an ad hoc solution like from 
real crypto technology - which they would have to understand and learn 
first. Thus IMHO it does not make sense to discuss possible security 
glitches about this because they are not an issue for the group of 
people who would otherwise not use crypto at all.

Like vedaal I assume that people who use this feature often would 
probably change to asymmetric crypto.

Crypto für alle:
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140719/a296643f/attachment-0001.sig>

More information about the Gnupg-users mailing list