[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PGP Comment feature weakens remailer securityPGP Comment feature weakens remailer security


Suppose you want to mail or post something sensitive enough
to chain through several remailers with PGP encryption at every stage
to protect the privacy of communications.  PGP can bite you.
The PGP comment feature lets you stick one (or more?) lines of comment
into your encrypted messages, after the Version: line but before the
encrypted message body.  If you use the PGP comment feature to say something
more or less unique (mine says that you can get PGP outside the country
from ftp.ox.ac.uk), anybody eavesdropping the last remailer in your chain
can notice this in the remailer's input and recognize that it's from you,
even though you've chained through six different places to get there.
It's still encrypted, and protected to the extent that the remailer protects
you, but if the remailer is corrupt or your message can be identified 
by size among the other remailer inputs, you're hosed.

So, for safety, either turn off PGP comments before using it 
with remailers, or wipe out the comments by hand  before each layer of encryption
(easy to do with GUI-based systems like Private Idaho; I don't know
if premail lets you do this or not.)

                                      Bill Stewart

Version: 2.7.1
Comment: PGP available outside U.S.A. at ftp.ox.ac.uk


#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281