1995-11-09 - Re: PGP Comment feature weakens remailer security

Header Data

From: Raph Levien <raph@CS.Berkeley.EDU>
To: Lance Cottrell <loki@obscura.com>
Message Hash: adfdccfc873aefcaf0cb160c686325095aabb9a0e4e8e3d78e1021581203be6e
Message ID: <199511090147.RAA31271@kiwi.cs.berkeley.edu>
Reply To: <199511081943.LAA24863@kiwi.cs.berkeley.edu>
UTC Datetime: 1995-11-09 02:44:36 UTC
Raw Date: Thu, 9 Nov 1995 10:44:36 +0800

Raw message

From: Raph Levien <raph@CS.Berkeley.EDU>
Date: Thu, 9 Nov 1995 10:44:36 +0800
To: Lance Cottrell <loki@obscura.com>
Subject: Re: PGP Comment feature weakens remailer security
In-Reply-To: <199511081943.LAA24863@kiwi.cs.berkeley.edu>
Message-ID: <199511090147.RAA31271@kiwi.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I think you are fine if the odds of corrupting the message are less than 
> the odds of getting hit by a a falling meteor while running the program. 
> In general there is little point in making any one part of the system 
> many orders of magnitude more reliable than any other part.

I agree entirely. That's why my PGP key at school is 382 bits. It's a
lot easier to compromise my machine than factor a 382 bit number.

So let me rephrase the question: what's the minimum number of entropy
bits that can be used and still give you that warm and fuzzy feeling
that you don't have to worry about the possibility that the message
might be corrupted?

The winning answer gets a free mention in the PGP/MIME Implementation
notes Web page: http://www.c2.org/~raph/impl.html

Raph

Thread

• Return to November 1995

• Return to “Andreas Bogk <andreas@artcom.de>”
• Return to “anonymous-remailer@shell.portal.com”
• Return to “Jon Lasser <jlasser@rwd.goucher.edu>”
• Return to “Lance Cottrell <loki@obscura.com>”
• Return to “Laurent Demailly <dl@hplyot.obspm.fr>”
• Return to “NetSurfer <netsurf@pixi.com>”
• Return to ““Perry E. Metzger” <perry@piermont.com>”

• Return to “Raph Levien <raph@CS.Berkeley.EDU>”

• 1995-11-08 (Wed, 8 Nov 1995 13:21:55 +0800) - PGP Comment feature weakens remailer securityPGP Comment feature weakens remailer security - anonymous-remailer@shell.portal.com
  • 1995-11-09 (Thu, 9 Nov 1995 08:44:18 +0800) - Re: PGP Comment feature weakens remailer security - Raph Levien <raph@CS.Berkeley.EDU>
    • 1995-11-09 (Thu, 9 Nov 1995 09:52:24 +0800) - Re: PGP Comment feature weakens remailer security - Lance Cottrell <loki@obscura.com>
    • 1995-11-09 (Thu, 9 Nov 1995 10:44:36 +0800) - Re: PGP Comment feature weakens remailer security - Raph Levien <raph@CS.Berkeley.EDU>
      • 1995-11-09 (Thu, 9 Nov 1995 22:34:33 +0800) - Re: PGP Comment feature weakens remailer security - “Perry E. Metzger” <perry@piermont.com>
        • 1995-11-09 (Fri, 10 Nov 1995 02:20:49 +0800) - Small keysizes do make sense (was PGP Comment weakens…) - Raph Levien <raph@CS.Berkeley.EDU>
          • 1995-11-09 (Fri, 10 Nov 1995 04:32:17 +0800) - Re: Small keysizes do make sense (was PGP Comment weakens…) - “Perry E. Metzger” <perry@piermont.com>
            • 1995-11-09 (Fri, 10 Nov 1995 06:03:59 +0800) - Re: Small keysizes do make sense (was PGP Comment weakens…) - Raph Levien <raph@CS.Berkeley.EDU>
          • 1995-11-10 (Sat, 11 Nov 1995 01:45:44 +0800) - Re: Small keysizes do make sense (was PGP Comment weakens…) - Andreas Bogk <andreas@artcom.de>
        • 1995-11-09 (Fri, 10 Nov 1995 05:56:29 +0800) - Re: PGP Comment feature weakens remailer security - Jon Lasser <jlasser@rwd.goucher.edu>
  • 1995-11-09 (Thu, 9 Nov 1995 08:54:31 +0800) - Re: PGP Comment feature weakens remailer security - NetSurfer <netsurf@pixi.com>
  • 1995-11-09 (Thu, 9 Nov 1995 22:15:26 +0800) - Mime/multipart (was Re: PGP Comment feature weakens remailer security) - Laurent Demailly <dl@hplyot.obspm.fr>
    • 1995-11-09 (Fri, 10 Nov 1995 02:10:07 +0800) - Re: Mime/multipart (was Re: PGP Comment feature weakens remailer security) - Raph Levien <raph@CS.Berkeley.EDU>