Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

Stefan Claas stefan.claas at posteo.de
Tue Jun 6 18:07:18 CEST 2017 

On 06.06.17 04:11, Daniel Kahn Gillmor wrote:
> On Tue 2017-06-06 01:24:43 +0200, Stefan Claas wrote:
>> On 05.06.17 22:26, Daniel Kahn Gillmor wrote:
>>> what does "bullet-proof" mean, specifically? 
>> For me it means that the idendicons should be visually easy to read
>> and cryptographically secure. Sorry that i have no better explanation.
> here's one way to try to frame the question: Imagine the situation as a
> game, where you have two players on one team, "defense" named Alice and
> Bob; Alice wants to send a message to Bob.  Another player on the
> opposing team, "offense", is named Mallory, is trying to send a message
> to Bob as well, but trying to trick Bob into thinking that the incoming
> message comes from Alice.
>
> The way the game is played, either Alice or Mallory gets to send a
> message.  Bob has to decide whether the message actually came from
> Alice.  If Bob gets it right, the "defense" wins.  If Bob gets it wrong,
> the "offense" wins.  The game is played multiple times.
>
> Is that the scenario you're thinking of?  If so, does the defense need
> to win 100% of the time over thousands of games?  or is it acceptable
> for offense to win occasionally?
>
> In any case question is: how much work does Mallory need to do to get
> Bob to make a mistake?  How frequently can Mallory trick Bob into
> accepting mail from her as though it were from Alice?  Conversely, how
> many messages that were actually from Alice can Bob accidentally reject
> without making Alice upset enough to give up on the entire
> communications scheme?
>
>
In old times I would say if Bob and Alice don't know each other and they
have no clue how that particular security software works it should be that
the second message send to one person the security software already detects
forgeries and reports that to a person. However, with that thinking it does
not guarantee that Bob knows that Alice is not Eve. Therefore qualified CA's
in my opinion are mandatory where each user in each country has to register
with his/her id-card so that it's guaranteed that Alice is not Eve.

Regards
Stefan

More information about the Gnupg-users mailing list