1997-10-12 - D-H Forward Secrecy for E-Mail?

Header Data

From: Tim May <tcmay@got.net>
To: cypherpunks@Algebra.COM
Message Hash: 381c777f9b50746f7c68b78ea78071eb8fd4681f5b37b934a6e756f3011887e6
Message ID: <v03102801b066b3b308e0@[207.167.93.63]>
Reply To: <199710120948.KAA00212@server.test.net>
UTC Datetime: 1997-10-12 17:19:53 UTC
Raw Date: Mon, 13 Oct 1997 01:19:53 +0800

Raw message

From: Tim May <tcmay@got.net>
Date: Mon, 13 Oct 1997 01:19:53 +0800
To: cypherpunks@Algebra.COM
Subject: D-H Forward Secrecy for E-Mail?
In-Reply-To: <199710120948.KAA00212@server.test.net>
Message-ID: <v03102801b066b3b308e0@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain



At 2:48 AM -0700 10/12/97, Adam Back wrote:

>Once you acknowledge that it is more secure to have short lived
>communication keys (which in my view it very clearly is), it should be
...


Just what are some of the issues with us getting D-H-type perfect forward
secrecy with something like e-mail? I assume this must be possible, of
course, as D-H is used in just these ways. (The Comsec 3DES phone I have
does this, of course.) (To repeat what has already been said, forward
secrecy means some of the important keys are not kept or stored, and so a
subpoena at some future time to produce the keys used in a communication is
pointless. Cf. Schneier for more.)

First and foremost as a requirement would be the need for a back-and-forth
communication, in a real-time or nearly real-time mode. This rules out
conventional e-mail with its long and variable latencies for delivery. (Not
to mention diverse clients and their inability to respond automatically!)

But IRC, chat rooms, Internet telephony, etc., are all common. With
latencies of ~seconds, or even less.

I picture conventional e-mail being replaced, for this application, with
this kind of system. Maybe D-H forward secrecy systems already exist....

Forward secrecy might be arrangeable even with long-latency links...it seems
to me. (Through a series of links, compute and store the D-H parameters,
then use them with conventional e-mail for the "payload" message?)

--Tim May


The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^2,976,221   | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."

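The long-latency idea at the end of the message above (compute and store D-H values ahead of time, then send the payload by ordinary e-mail) can be sketched as follows. This is an added example, not part of the original post or of any existing system. The group (2^521 - 1, g = 3), the SHA-256 counter-mode stand-in cipher, and the names `Recipient`, `seal` and `open` are assumptions made for illustration, and authentication of the published values (for instance a signature under a long-term key) is left out.

```python
import hashlib, hmac, secrets

# Assumption: toy group for illustration only (Mersenne prime 2^521 - 1, g = 3).
P, G = 2**521 - 1, 3

def keypair():
    x = secrets.randbelow(P - 3) + 2              # private exponent in [2, P-2]
    return x, pow(G, x, P)

def derive_keys(shared, one_time_pub, eph_pub):
    # Bind the D-H result to both public values; split into cipher and MAC keys.
    raw = b"".join(n.to_bytes(66, "big") for n in (shared, one_time_pub, eph_pub))
    d = hashlib.sha512(raw).digest()
    return d[:32], d[32:]

def xor_stream(key, data):
    # Constructed stand-in cipher (SHA-256 in counter mode), not a vetted one.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(one_time_pub, plaintext):
    # Sender: fresh exponent per message, discarded when this function returns.
    e, eph_pub = keypair()
    enc, mac = derive_keys(pow(one_time_pub, e, P), one_time_pub, eph_pub)
    ct = xor_stream(enc, plaintext)
    return one_time_pub, eph_pub, ct, hmac.new(mac, ct, "sha256").digest()

class Recipient:
    def __init__(self, count):
        # Precompute one-time values; only the public halves leave the machine.
        self._store = {}
        for _ in range(count):
            x, y = keypair()
            self._store[y] = x

    def published(self):
        return list(self._store)

    def open(self, message):
        one_time_pub, eph_pub, ct, tag = message
        x = self._store[one_time_pub]             # KeyError once the value is spent
        enc, mac = derive_keys(pow(eph_pub, x, P), one_time_pub, eph_pub)
        if not hmac.compare_digest(tag, hmac.new(mac, ct, "sha256").digest()):
            raise ValueError("authentication tag mismatch")
        del self._store[one_time_pub]             # exponent gone: key unrecoverable
        return xor_stream(enc, ct)
```

Once `open` has deleted the one-time exponent, nothing the recipient still holds can reproduce that message's keys, which is the forward-secrecy property the message describes. The window of exposure is the time each precomputed exponent sits in the store before its message arrives.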