[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Improvement of remailer security
On Fri, 11 Mar 1994 01:00:37 -0500 (EST), Matthew J Ghio
<[email protected]> said:
> [email protected] (Axel Boldt):
>> Even the current pgp encryption scheme offered by some remailers
>> doesn't help much, once the incoming and outgoing messages are
>> known: just take the outgoing message from the remailer, encrypt
>> it with the remailer's public key, compare this to the incoming
>> messages and you know who sent this message (repeat if a chain
>> of remailers was used).
> Nope... PGP encrypts the message with a random IDEA key, and then
> encrypts the IDEA key with RSA. You'd have to guess which IDEA key was
> used, and encrypt that with RSA. The SS couldn't guess 2^128 possible
> IDEA keys [...]
Thanks for pointing this out. I wasn't aware of the fact that pgp
encrypting is not deterministic in the sense that encrypting the same
message with the same public key need not result in the same output.
I guess that makes my whole suggestion pointless.
Axel
P.S. Pardon my ignorance: Doesn't this scheme you describe above make
the random generator the most attackable part of pgp encryption,
thereby sidestepping the whole RSA stuff?