From: "Robert A. Rosenberg" <hal9001@panix.com>
Date: Wed, 13 Mar 1996 15:55:48 +0800
To: John Pettitt <jpp@software.net>
Subject: Re: PGP reveals  the key ID of the recipient of encrypted msg
Message-ID: <v02140b06ad6bb73beb5c@[165.254.158.237]>
MIME-Version: 1.0
Content-Type: text/plain


At 16:36 3/11/96, John Pettitt wrote:

>I can see a case where one would want to broadcast a message (say on usenet)
>with *no* indication of the intended recipient (not even a non registered
>key-id).  It would seem to be easy enough to hack up something that does not
>have key-IDs - to know if it's for you try decryption and if it works then
>it was for you.  This does not scale well as the recipient must trial
>decrypt all messages which could use *a lot* (tm) of CPU time.

There is also the problem of knowing WHICH key to use (ie: Even when you
know the message is intended for you, you must do a test run with each of
your keys until one works). Thus you want private keys whose ownership is
not publicly linked to your known identity (but is known to your
correspondents). So long as you have your corespondent's published Public
Key, you can use it to do a one-time transmission of a private Public Key
to be used to do anonymous (ie: Not Linked to your Public Identity)
transmissions to you.