1995-01-12 - Re: How do I know if its encrypted?

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 7cf2323b036c6c323334c94250d8af1692aa53746bd796c8a09b8b7866214fd5
Message ID: <199501121701.JAA24309@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1995-01-12 17:01:09 UTC
Raw Date: Thu, 12 Jan 95 09:01:09 PST

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Thu, 12 Jan 95 09:01:09 PST
To: cypherpunks@toad.com
Subject: Re: How do I know if its encrypted?
Message-ID: <199501121701.JAA24309@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

The data haven concept as I understood it held data for public access in
some form (for sale or for free) which would be illegal in some
jurisdiction.  This might include credit information that was older than
the legal limit, libelous claims, damaging medical records, etc.
Frankly, I suspect that most usages would be directed towards reducing,
rather than increasing, individual privacy.  So this is not an area I am
interested in working towards.

The idea of offsite storage doesn't seem that helpful since you can just
store the data on your own disk in encrypted form.  Maybe if encryption
gets outlawed it would be useful, but then you can't use encryption to
communicate with the haven.

As far as remailers requiring encryption, one purpose would be to reduce
complaints by making it impossible to send some kinds of messages which
people would object to.  It would be hard to post to usenet, for example,
in a useful way.  And mail to private individuals could not contain
obvious obscenities or other objectionable material.

The problem with this is that if people become able to handle and deal
with incoming encrypted mail in a transparent way, this restriction is no
longer effective in the latter purpose.  Someone could get encrypted hate
mail and have it transparently decrypted and displayed just like normal
mail.  They will be just as upset as people are today when they get
objectionable mail from the remailer.

As far as usenet posts, if a particular decryption key were widely and
customarily used in a particular newsgroup, objectionable material
could still be widely read if encrypted with that key.  Tim May's
example of a fake encrypted post containing inflammatory material is a
good example of the heat which could occur, especially when the message
is real and not a fake one like he did.  So I don't think this
restriction would really accomplish the desired goal except perhaps in
the short term.

If the purpose is to have plausible deniability by the remailer
operator, I feel we can still get that by publicizing the remailer
software source, which has no provisions for manual filtering.  A policy
of sending only encrypted mail so that the operator can't filter would
be no more acceptable to critics of anonymity than a policy of just not
filtering at all.

Entropy checking is not adequate to detect encryption, as compressed
files have maximal entropy as well.  For these purposes, compression may
be nearly as good as encryption, except that standard compression formats
are already widely used.  An entropy checker might well pass a gif,
jpeg, or zip file, so this filter would by itself be useless to prevent
posting of unencrypted graphics.  It would probably have to be augmented
at least by some checks for these special file formats.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLxVgSRnMLJtOy9MBAQF66wIA3a01avgc0jBjKXH6IMjO+6wj4tBeSUmM
ZeRl+xFZFZ4Cfsrik1ghuHXI31isiHUzrPAIVEZfFIpTw6w9T0QdSQ==
=YVRq
-----END PGP SIGNATURE-----





Thread