From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Fri, 11 Feb 94 20:50:40 PST
To: Bryan Ford <baford@schirf.cs.utah.edu>
Subject: Re: Strategies for getting encryption in widespread use QUICKLY
In-Reply-To: <9402110328.AA10866@schirf.cs.utah.edu>
Message-ID: <MhL5tSG00VAx02i0hU@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hmm...  Well, having a program that will auto install segments only if
they are signed by trusted public keys is a good one...  but then again,
most of the non-techies just want to have a program that works and that
they're happy with.  Many people would rather just keep a stable,
working, but older version instead of going to the trouble of trying to
always have the latest.  But perhaps we could have a system such that
only authenticated program upgrades could be installed, to combat
against trojan horses, virii, bombs, etc.

I would be wary of an auto-update system because of possible bugs in the
software.  Even if you only allowed updates from completely trusted
public keys, even the best of us make mistakes and screw something up...
 but public-key protection against viruses and trojan horses would be a
good thing.

Perhaps we just need something that would make using encryption easier. 
Tell me what you all think of this as a project for cypherpunks:

Does anyone want to develop an encrypted term program?  On-the-fly
encryption over a modem.  This would allow everyone to encrypt very
easily.  It could support plug-in modules (with signatures) to support
automatic pgp signing/verification, additional cipher modules (ie DES,
IDEA, MPJ2).  When logging on to you favorite BBS, instead of typing
your password in, you enter your account, and then set your encryption
on your terminal to your password, and if it's right, then you can
decode the transmission and you are logged on.  That way nobody could
steal your password (or anything else) by tapping your transmission.

Encrypting two way modem transmissions would be a problem, but it could
probably be solved by packaging the data into manageable packets with an
error-correction protocol and then encrypting those.  Error-correction
would be vital, as line noise can wreak havok on encrypted data. 
(Although you could reduce the impact of the errors by weakening the
cipher somewhat.)  I do have several ideas as to how to do this...

What do you think?  Anyone want to take this on as a project?
If I'm going to do it, it would be for MS-DOS systems, tho if there's
enuff interest, it might be possible to develop multi-platform support
concurrently.
Let me know...