Re: Remailer passphrases
Bill Frantz writes:
> One of the reasons classical (government) crypto users change keys
> frequently is to minimize the amount of data compromised by a broken key.
> We keep hearing about NSA decrypting 20 year old cyphertext and showing
> more of the workings of the atomic spy rings operating in the 40s and 50s.
> If an opponent can rubber hose the key, her job is easy. If she has to
> perform cryptanalysis, it is much harder. Remailers should regularly
> change their keys to avoid compromising previously recorded traffic. (They
> can have a long-lived key for signing their traffic keys.)
Signed Diffie-Hellman key exchanges have the property known as
"Perfect Forward Secrecy". Even if the opponent gets your public keys
it still will not decrypt any traffic for him at all -- it just lets
him pretend to be you. That's one reason why protocols like Photuris
and Oakley use the technique.
Perry
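
Added example, not part of the original message: a standard-library sketch contrasting a session key derived only from long-lived keys with a signed ephemeral Diffie-Hellman exchange, to show what later disclosure of the long-lived secrets does and does not yield. The toy group (prime 2**521 - 1, generator 3), the Schnorr-style signature and all function names are assumptions made for illustration; they are not secure parameters and are not the Photuris or Oakley wire formats.

```python
import hashlib, secrets

# Toy group for illustration only (assumption): P is the Mersenne prime 2**521 - 1.
P, G = 2**521 - 1, 3
N = P - 1                      # G**N == 1 mod P, so exponents reduce mod N

def H(*ints):
    data = b"".join(i.to_bytes(66, "big") for i in ints)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keygen():
    x = secrets.randbelow(N - 2) + 1
    return x, pow(G, x, P)

def sign(sk, m):               # Schnorr-style signature, toy parameters
    k, r = keygen()
    return r, (k + H(r, m) * sk) % N

def verify(pk, m, sig):
    r, s = sig
    return pow(G, s, P) == r * pow(pk, H(r, m), P) % P

def static_session(my_sk, peer_pk):
    """No forward secrecy: the key depends only on long-lived keys."""
    return H(pow(peer_pk, my_sk, P))

def signed_ephemeral_session(a_sk, a_pk, b_sk, b_pk):
    """Signed DH: long-lived keys only authenticate fresh exponentials."""
    xa, ya = keygen()          # per-session secrets, discarded on return
    xb, yb = keygen()
    sig_a, sig_b = sign(a_sk, ya), sign(b_sk, yb)
    if not (verify(a_pk, ya, sig_a) and verify(b_pk, yb, sig_b)):
        raise ValueError("bad signature on ephemeral value")
    key = H(pow(yb, xa, P))    # the other side computes H(pow(ya, xb, P))
    return key, (ya, sig_a, yb, sig_b)   # key, plus what a recorder sees

def recover_with_long_term_keys(a_sk, b_sk, b_pk, recorded):
    """Candidate keys computable from recorded traffic plus both long-lived secrets."""
    ya, _, yb, _ = recorded
    return {static_session(a_sk, b_pk), H(pow(yb, a_sk, P)), H(pow(ya, b_sk, P))}
```

In the static case anyone who later obtains either long-lived secret recomputes every past session key; in the signed ephemeral case the same secrets only allow producing new valid signatures.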