From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
Date: Thu, 30 Jun 94 21:02:02 PDT
To: cypherpunks@toad.com
Subject: Re: MAIL: chained remailing strategy
In-Reply-To: <9406300419.AA04143@flammulated.owlnet.rice.edu>
Message-ID: <940630.222317.5I7.rusnews.w165w@sendai.cybrspc.mn.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

[ Whew!  The list was strangely silent for about 18 hours here, and I
was afraid that the news system upgrade had gone awry. ]

In list.cypherpunks, klbarrus@owlnet.rice.edu writes:

> Yes, the extra text is ignored.  In fact, the remailer implemented
> this form of padding (however, it only padded messages shorter than 2K
> out to 2K).  This isn't the best way to do padding since it is quite
> obvious that it is in fact padding.  Hal Finney wrote some perl
> scripts which pad inside the pgp message (add random text without
> likewise updating the message length field; upon decryption the extra
> text is throw away) and this is a better approach.

How tough would that be to add to PGP itself?  And would it deplete the
random pool too much?  Or could psuedo-random lengths of psuedo-random
padding be as effective as real random padding?
- -- 
Roy M. Silvernail --  roy@sendai.cybrspc.mn.org will do just fine, thanks.
          "Does that not fit in with your plans?"
                      -- Mr Wiggen, of Ironside and Malone (Monty Python)
        PGP 2.3a public key available upon request (send yours)

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLhONNBvikii9febJAQEfugP+Iw2bCJ86AfXkJeGGcpSFt6qrVqAQWwqd
5s4hZ1VUZzj8FF9u9GHMSPMtbmcuF5IcIF6dfARPbTcsF4zIKDZ+qgerMA3UckV1
y8QGDOtKGldSYP/b4uz7E7Keto9StFYjTMNH/tG2RUwdwyC3peFfAO7oh7zDjEYj
T5Yr+2L07E0=
=2Lxw
-----END PGP SIGNATURE-----