Re: Unlabelled PGP messages
[talks about posting anonymous messages that only recipient can decrypt]
> like a 4-bit checksum of the PGP key or the key length as a label
> - it's not enough to identify which key it is, but it's enough
> to cut down on your decryption by a factor of 16.
> A longer checksum is too revealing - even 8 bits identifies
> 1/256th of the crypto community, which isn't very anonymous.
Why not generate a key just for this conversation, and then post a full
128-bit (22 base64 characters) hash in the subject?
You can even have a key for each message: if the conversation is two-way,
then whenever you are about to send a message you can generate a new key
pair and include the new public key with your message.
As soon as you receive and decrypt the message for that key, destroy the
private key.
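
The scheme described in this message, as an added example that is not part of the original post: the subject label is a 128-bit hash of a one-time public key, each message encloses a fresh reply key, and the private key is discarded once its message is read. Assumptions: the hash is truncated SHA-256 (the post names no hash), key pairs are opaque random bytes standing in for real PGP keys, and the names subject_label, Party and post are hypothetical.

```python
import base64
import hashlib
import secrets


def subject_label(public_key: bytes) -> str:
    """128-bit hash of the public key as 22 unpadded base64 characters."""
    digest = hashlib.sha256(public_key).digest()[:16]  # assumption: truncated SHA-256
    return base64.b64encode(digest).decode("ascii").rstrip("=")


def new_keypair():
    """Stand-in for real key generation: opaque random bytes, constructed for the demo."""
    return secrets.token_bytes(32), secrets.token_bytes(64)  # (private, public)


class Party:
    """Tracks the one-time keys this party is still waiting to receive mail for."""

    def __init__(self):
        self.pending = {}  # subject label -> private key

    def fresh_public_key(self) -> bytes:
        private, public = new_keypair()
        self.pending[subject_label(public)] = private
        return public

    def scan(self, pool):
        """Return bodies addressed to us, using the label instead of trial decryption."""
        mine = []
        for subject, body in pool:
            private = self.pending.pop(subject, None)  # pop = destroy the key after use
            if private is not None:
                mine.append(body)  # a real client would decrypt body with `private` here
        return mine


def post(pool, recipient_public: bytes, sender: Party, text: str) -> bytes:
    """Post to the shared pool under the recipient's label; enclose a fresh reply key."""
    reply_key = sender.fresh_public_key()
    pool.append((subject_label(recipient_public), {"text": text, "reply_key": reply_key}))
    return reply_key
```

Because scan() removes the key on first match, a replayed copy of the same posting no longer matches any label the recipient holds.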