1994-01-15 - Re: Using the tools we have

Header Data

From: Jeremy Porter <jerry@terminus.dell.com>
To: cypherpunks@toad.com
Message Hash: e6d73c6929a05fc1dc6c60706f12525942e205fef9319898fe86be33347972ff
Message ID: <9401152235.AA04772@terminus.us.dell.com>
Reply To: N/A
UTC Datetime: 1994-01-15 22:38:06 UTC
Raw Date: Sat, 15 Jan 94 14:38:06 PST

Raw message

From: Jeremy Porter <jerry@terminus.dell.com>
Date: Sat, 15 Jan 94 14:38:06 PST
To: cypherpunks@toad.com
Subject: Re: Using the tools we have
Message-ID: <9401152235.AA04772@terminus.us.dell.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <2h9gen$55r@uudell.us.dell.com> you write:
>	
>From owner-cypherpunks@toad.com  Sat Jan 15 19:33:39 1994
>From: VACCINIA@UNCVX1.OIT.UNC.EDU
>Subject: Using the tools we have
>To: cypherpunks@toad.com
>-----BEGIN PGP SIGNED MESSAGE-----
>
>The detman has been blathering for weeks about how he will subvert the list
>and we now see all sorts of rants impugning the reputations of certain 
>cypherpunks. Postings are reiterated with the message that so and so said 
>this or that and this person is a nazi, or some such drivel. I have no idea 
>who said what because many of the technowizards don't avail themselves of the 
>technology which they themselves have made available and promote as a  
>powerful new tool for the future. Positive reputations? Without an electronic 
>sig, you don't have one. Future? It's here. If even we don't use the available 
>tools, then they are indeed worthless.

One usefull thing that could be done, is to design a list, that will
only post pgp-signed messages.  To  subscribe to the list, you send
your pgp public key, and it sends back its private key.  In order
to for a recieved message to get sent out, it must be signed by
the author.  In order to make anonymous posting possible a person
would need to create a "anonymous" key, with the anonymous remailer address
in it.  The annonymous account would still have to sign the messages so
and identity could be track through this method.  In order to prevent
some kinds of abuses, the list server could send a password back to you
encrypted with the private key you sent it.  You would have to send it the
password back encrypted with the server's public key.  This would verify
that the key was created by a particular users at a specific site.  (OK,
it would be possible to subvert this, but it is significantly more 
difficult.)  The person that runs the list server can sign the list server's
key to vouch for the listserver.  
	For added security you could do something even better.  The list
server only posts messages that are "trusted" at a specified level, or it 
adds a trust factor to the message.  If the list maintainer has met you 
and has signed his key, the list server will believe you are real.  With 
the web of trust and introducers, the list server will quickly be able to 
identify most of the people on the list as being real or "pseudo".  In
particular this will cut down on the number of forgeries posted to the list.  

There are some technical problems with this, due to the hassel of signing 
and or encrypting the messages.  Lack of anonyminity, etc.  This
could even convince most SANE people that there is no conspiracy, i.e.
someone you trust to act as an introducer, believes that the other
person you are talking with is real.  Of course if there really
is a conspiracy it doesn't really help.

One of the things I've been thinking about recently, is about
excerpt of messages and signatures.  When you reply to a message
and copy part of it there is nothing that prevents someone from editing
the text.  And of course the digitial signature is not longer valid
because of the >'s or other characters in the body, plus you
probably don't want to quote the whole message.  Duplicating the
entire message to prove that two or three lines were actually writen
by a particular user id, is pretty wasteful.  I suppose someone
could write a signing program that signs each line idividually, but
that does not sound like a good idea either.  A 128bit hash would
eat nearly 10% of each line.  The hashes can be signed in the signature
section at the end.  After rereading some of Schneir book, it looks
like you can't generate a MD5 hash for less than 64 bytes.  You
would need to pad lines or generate a hash for every two lines.
It would still require some fancy software to handle the extracts and
preserve the signature information.  Currently most peoples software
doesn't even easily support normal PGP/RSA signatures, much less
anything so fancy.



-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLThtW3NeM/yj7Ik1AQEWgAQAh5tqTP1YvTQy09GhqlX85tkt8yH55Lz1
TRcZA5mJ8k9OXqgVLwkIHVUPViX+m+iSLuLR+QWbgUV04uPS/V8wzrnDNWRKvkQE
qmYR3ZSr3agouXQygmFMtPgHzQpkzHNxV6rVSM6Wq7hEj/2lga7+lptHRW9Zy0tC
SLL+0C6Jcpc=
=rKLG
-----END PGP SIGNATURE-----
-- 
 Jeremy Porter  -----------------  Systems Enginneering ----
 Dell Computer Corp. --- jerry@terminus.us.dell.com --------
 ------------------------------------------------------------
  Support your Second Amendment rights to encryption technology. 





Thread