symmetric email encryption

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Sat Jul 19 17:51:23 CEST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Friday 18 July 2014 at 11:34:19 PM, in
<mid:1460534.5JfKcsUOYz at thufir.ingo-kloecker.de>, Ingo Klöcker wrote:


> Sure. But the NSA already knows the correspondents of
> all of our mail  anyway. Keyserver lookups do not add
> any additional data (except of the information that you
> are trying to look up a key resp. that you are  talking
> to a keyserver).


Time of use is a big piece of information that a keyserver lookup
could add. And, maybe, IP address, operating system, software...



> Good point. Automatic decryption should be possible for
> those that want it. My scheme is mostly meant as
> in-transit encryption which again is  way better than
> our current status quo.

And the choice whether to store their emails encrypted or decrypted.
Storing decrypted could be an issue, especially if the emails are
stored on a server rather than the user's machine.


> Peter Lebbing wrote:
>> An e-mail system with a default big usability issue
>> will get swapped out for a more pleasant to use one.

It might, but Outlook is in widespread use despite major usability
issues.


> Peter Lebbing wrote:
>> Finally, I think people might take issue with their
>> e-mail address automatically being posted to a public
>> keyserver.

A certain minority would take exception to this, including myself. It
is less of a problem for me with the automatic upload of just a single
email address per key and no name/identity information.



> How exactly does one harvest email addresses from the
> keyservers? Can I ask keyservers to give me all keys it
> has in storage? Or do I need to  search for keys
> matching a certain substring? I honestly don't know.
> Anyway, if this really becomes a problem than key
> lookup probably needs to be made as inconvenient as
> trying to send email probes to randomly  generated
> email addresses.

Isn't key lookup already more inconvenient than randomly generating
email addresses? Or have I missed something?



> For my scheme to work the keyservers would only need to
> return keys  where the email address part of a uid
> exactly matches the recipient's  email address.

The email address could be hashed in the key UID that's automatically
uploaded...



> Moreover, for my scheme to work no key certification is
> necessary, i.e. crawling from one key to the next via
> certification  signatures wouldn't be possible.

Some people have specific use cases where key certification is needed.
But most email communication doesn't have a way of being sure who
controls the address.



> The scheme has more issues: For example, there's no
> message integrity  protection (via signing) whatsoever.

There's no reason not to have it.




- --
Best regards

MFPA                    mailto:2014-667rhzu3dc-lists-groups at riseup.net

Live your life as though every day it was your last.
-----BEGIN PGP SIGNATURE-----

iPQEAQEKAF4FAlPKlAZXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5pFTIEAJ1acb0+CvHLkAuCtqnTed1L6v8xsvbvbNXz
TS8oaZ7cCzBo9PK3nllDl1AM/qw4tpopLpwNH5H3ByjrzrPZjyonV8bSZoyFffwd
U+hhSeaPEFI5Ox5pAdtnb3Mu0troNatcnKAdbgdykMlwsyEy0ez48qWeudlRy0Nr
xiBR99za
=wmKi
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list