cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1995-09-15 - Re: PGP in UK - snooped as unSTEALTHed?

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: perry@piermont.com
Message Hash: bcbc3e7e877c2c4591a1aa87e11c5cb9e4988281ff7e6a7dc6c4fffb03d0c2bd
Message ID: <199509150725.AAA11217@ix3.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-09-15 07:26:14 UTC
Raw Date: Fri, 15 Sep 95 00:26:14 PDT

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 15 Sep 95 00:26:14 PDT
To: perry@piermont.com
Subject: Re: PGP in UK - snooped as unSTEALTHed?
Message-ID: <199509150725.AAA11217@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:29 AM 9/12/95 -0400, Perry wrote, replying to Gary:
>>    When are the PGP designers and coders going to get serious
>>    and develop STEALTH PGP inside PGP itself!?
>Never, I hope. It would dramatically lower the utility of the
>system. Can you imagine how disgusting it would be to try decrypting
>something if you have a dozen keys outstanding? 

I disagree - if it's done right, the degree of stealth can be
user-selectable, and even moderately stealthy options can tell
which key to use without giving away much information.  (For instance,
4 bits of keyid isn't very revealing, but will tell you which one or
two of your dozen keys to try.)  Have the most non-stealth options
indicate that it's PGP-encrypted and addressed to keyid 0x12345678,
Joe User <joe@foo.com>, blah, blah.

The basic problem is that stealth wasn't an original design criterion,
so many parts of the PGP data format reveal at least that PGP is
being used, and occasionally other information as well.  Some things
are easy to work around (----- BEGIN PGP etc.), and some aren't.
Changing this takes a substantial amount of redesign.

>Not to mention how
>hard it would be to deal with figuring out that you should even try to
>decrypt things in the first place.
As you say a couple paragraphs later:
>If someone sees a bunch of random numbers in mail sent by me, it's going 
>to be pretty obvious what the hell is inside anyway.
Similarly, if someone emails you a bunch of random numbers....

>I very much see this whole thing as a non-issue.

Most of the time, for most users now, it's not an issue.  
But there are people who will need to hide encrypted messages, 
and as anti-privacy laws in the US become stronger, that may be us.
Is this an issue for PGP 3.0.1, or an issue for Privacy:TNG?
Probably the latter, given the state of the PGP world,
and certainly ranting at the developers to do it now is uncool.
But it should be a design goal.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

Thread