[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP Comment feature weakens remailer security



> I think you are fine if the odds of corrupting the message are less than 
> the odds of getting hit by a a falling meteor while running the program. 
> In general there is little point in making any one part of the system 
> many orders of magnitude more reliable than any other part.

I agree entirely. That's why my PGP key at school is 382 bits. It's a
lot easier to compromise my machine than factor a 382 bit number.

So let me rephrase the question: what's the minimum number of entropy
bits that can be used and still give you that warm and fuzzy feeling
that you don't have to worry about the possibility that the message
might be corrupted?

The winning answer gets a free mention in the PGP/MIME Implementation
notes Web page: http://www.c2.org/~raph/impl.html

Raph