Re: PGP Comment feature weakens remailer security

I think you are fine if the odds of corrupting the message are less than 
the odds of getting hit by a falling meteor while running the program. 
In general there is little point in making any one part of the system 
many orders of magnitude more reliable than any other part.


On Wed, 8 Nov 1995, Raph Levien wrote:

>    Point well taken.
>    I'm seriously considering completely disabling the PGP comment
> feature when invoked from premail. In fact, that's what the new code
> does right now.
>    On an unrelated topic... cypherpunks like to count bits, right?
> What is the correct number of pseudorandom bits to use in a MIME
> multipart separator? If the data has a line which matches the
> separator, the message is corrupted. Of course, if you can take
> multiple passes through the data, you can simply verify that it does
> not contain a line which matches the separator. But if you're
> restricted to a single pass, then the only way to do it is to use a
> randomly generated separator.
>    I figure that 128 bits should _definitely_ be enough (that's what
> is in the new premail code now). Even 64 bits should ensure that it is
> unlikely that anyone will ever experience message corruption over the
> expected lifetime of premail. However, it makes me nervous. What do
> people think?
> Raph
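
The separator question above, worked as an added example (not part of either message and not premail's code): a random boundary generator, the multi-pass check Raph describes, and a union bound on the single-pass collision probability. The `=_` prefix, the function names, and the 2^40-line lifetime workload are assumptions made for illustration.

```python
import math
import secrets

def new_boundary(bits=128):
    """Boundary string carrying `bits` random bits (hex). Prefix is arbitrary."""
    if bits <= 0 or bits % 8:
        raise ValueError("bits must be a positive multiple of 8")
    return "=_" + secrets.token_hex(bits // 8)

def collides(body, boundary):
    """Multi-pass check: would any body line be read as a delimiter?
    Conservative prefix match covers "--b", "--b--" and trailing whitespace."""
    delim = "--" + boundary
    return any(line.startswith(delim) for line in body.splitlines())

def build_multipart(parts, bits=128, verify=False):
    """Single pass by default; with verify=True, re-draw until no part collides."""
    boundary = new_boundary(bits)
    while verify and any(collides(p, boundary) for p in parts):
        boundary = new_boundary(bits)
    out = []
    for p in parts:
        out += ["--" + boundary, "", p]  # empty line: part has no headers
    out.append("--" + boundary + "--")
    return boundary, "\r\n".join(out)

def log2_collision_bound(total_lines, bits):
    """Union bound: P(some line equals the boundary) <= total_lines * 2**-bits,
    for body lines chosen independently of the boundary. Returns log2 of it."""
    return math.log2(total_lines) - bits

def bits_needed(total_lines, log2_target):
    """Smallest multiple of 8 bits keeping the bound at or below 2**log2_target."""
    need = math.ceil(math.log2(total_lines) - log2_target)
    return max(8, 8 * math.ceil(need / 8))

if __name__ == "__main__":
    LINES = 2 ** 40  # constructed workload: lines processed over the tool's lifetime
    for b in (64, 128):
        bound = log2_collision_bound(LINES, b)
        print(f"{b} bits: collision probability <= 2^{bound:.0f}")
    print("bits for <= 2^-40:", bits_needed(LINES, -40))
```

The bound only holds when the body cannot depend on the boundary, which is why the generator draws from the operating system's CSPRNG via `secrets` rather than a seeded pseudorandom generator.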

