[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MITM attacks and True Names (again...)
-----BEGIN PGP SIGNED MESSAGE-----
Hal <[email protected]> wrote:
> Eventually it seems that
> the MITM becomes enmeshed so deeply in his own lies that he would get
> caught. If steps like these are taken successfully it should be
> reasonable to sign a nym's key, with the semantics being that either this
> is the real key of the sender, or he has a nearly omnipotent MITM
> surrounding him.
Let's think of ways to foil Mitch:
1. Physical body (a.k.a. "True Name") mapping.
2. The "overload his processors" trick.
3. Sending hashes of future messages.
4. Sending your public key to the Web O Trust via multiple,
5. Working an identifier of your public key into conversation so that
Mitch can't edit out your public key without changing the whole
conversation. (E.g. "I talked to her a number of times equal to the
least significant 4 bits of my public key." This is an example which
Mitch could easily handle, by replacing "a number ... key" with "3
times", but it gives you the idea.)
All of these can involve psychological manuevers, like "informal
coding". That is, trying to sneak some information by Mitch that he
*should* edit if he knew what he was good for him, but he doesn't
realize it. This gets really interesting, trying to communicate
something to your actual recipient without letting Mitch realize what
you are communicating.
The "tell me [something only you would know]" game is a good example of
I think method 4 is the best method. Method 1 is more reliable, but
much more expensive and I have a strong aversion to making it necessary
for everyone to publicize their True Name. I don't know if method 5
is even feasible. :-)
Of course, there is no reason not to use many different methods
"To strive, to seek, to find and not to yield."
[email protected] </a>
-----BEGIN PGP SIGNATURE-----
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01
-----END PGP SIGNATURE-----