Key selection order

NdK ndk.clanbo at
Thu Jan 14 22:41:57 CET 2016

Il 14/01/2016 21:06, Andrew Gallagher ha scritto:

> Tofu does not guarantee identity persistence. Just because your correspondence hasn't been obviously tampered with (yet) does not mean that someone hasn't been MITMing you all along and biding their time.
As usual, it depends on your attack scenario.
If I have 10-years-old mails from someone I've never met, and all use
the same key, I can assume that either 1) that identity belongs to the
same person or 2) that an attacker MITMed *all* my connections (from
every device I've had wherever I was and to every service I used).
Occam's razor and my "exposure profile" make me think it's 1) :)

In other words, *time* can be considered an 'out of band' channel.

For others, very "high profile", it could be possible that such an
attack might be performed, even if it's quite unlikely, unless there's
*a lot* of money involved.

What I learnt from OpenAlarm is that there's always to balance cost and
security: over a certain limit, costs grow exponentially for marginal
gains in security. So the different options have to be weighted
carefully: you'll have to make different choices if you have to protect
a bank instead of a garage.


More information about the Gnupg-users mailing list