* John Denker j...@av8n.com [2013-10-10 17:13 -0700]:
*) Each server should publish a public key for /dev/null so that
users can send cover traffic upstream to the server, without
worrying that it might waste downstream bandwidth.
This is crucial for deniabililty: If the rubber-hose guy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/10/2013 6:40 PM, grarpamp wrote: On Thu, Oct 10, 2013 at 11:58
AM, R. Hirschfeld r...@unipay.nl wrote:
To send a prism-proof email, encrypt it for your recipient and
send it to irrefrangi...@mail.unipay.nl. Don't include any
information
On Thu, Oct 10, 2013 at 03:54:26PM -0400, John Kelsey wrote:
Having a public bulletin board of posted emails, plus a protocol for
anonymously finding the ones your key can decrypt, seems like a pretty decent
architecture for prism-proof email. The tricky bit of crypto is in making
access to
grarpamp wrote:
On Thu, Oct 10, 2013 at 11:58 AM, R. Hirschfeld r...@unipay.nl wrote:
To send a prism-proof email, encrypt it for your recipient and send it
to irrefrangi...@mail.unipay.nl. Don't include any information about
To receive prism-proof email, subscribe to the irrefrangible
On Thu, Oct 10, 2013 at 04:22:50PM -0400, Jerry Leichter wrote:
On Oct 10, 2013, at 11:58 AM, R. Hirschfeld r...@unipay.nl wrote:
Very silly but trivial to implement so I went ahead and did so:
To send a prism-proof email, encrypt it for your recipient and send it
to
Very silly but trivial to implement so I went ahead and did so:
To send a prism-proof email, encrypt it for your recipient and send it
to irrefrangi...@mail.unipay.nl. Don't include any information about
the recipient, just send the ciphertext (in some form of ascii armor).
Be sure to include
Having a public bulletin board of posted emails, plus a protocol for
anonymously finding the ones your key can decrypt, seems like a pretty decent
architecture for prism-proof email. The tricky bit of crypto is in making
access to the bulletin board both efficient and private.
--John
The simple(-minded) idea is that everybody receives everybody's email, but
can only read their own. Since everybody gets everything, the metadata is
uninteresting and traffic analysis is largely fruitless.
Some traffic analysis is still possible based on just message originator. If I
see
On Oct 10, 2013, at 11:58 AM, R. Hirschfeld r...@unipay.nl wrote:
Very silly but trivial to implement so I went ahead and did so:
To send a prism-proof email, encrypt it for your recipient and send it
to irrefrangi...@mail.unipay.nl
Nice! I like it.
A couple of comments:
1. Obviously,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cool.
Drop me a note if you want hosting (gratis) for this.
On 10/10/13 10:22 PM, Jerry Leichter wrote:
On Oct 10, 2013, at 11:58 AM, R. Hirschfeld r...@unipay.nl
wrote:
Very silly but trivial to implement so I went ahead and did
so:
To send
Having a public bulletin board of posted emails, plus a protocol
for anonymously finding the ones your key can decrypt, seems
like a pretty decent architecture for prism-proof email.
The tricky bit of crypto is in making access to the bulletin
board both efficient and private.
This idea has
On 10/10/2013 12:54 PM, John Kelsey wrote:
Having a public bulletin board of posted emails, plus a protocol
for anonymously finding the ones your key can decrypt, seems
like a pretty decent architecture for prism-proof email. The
tricky bit of crypto is in making access to the bulletin
On Oct 10, 2013, at 5:20 PM, Ray Dillinger b...@sonic.net wrote:
On 10/10/2013 12:54 PM, John Kelsey wrote:
Having a public bulletin board of posted emails, plus a protocol
for anonymously finding the ones your key can decrypt, seems
like a pretty decent architecture for prism-proof email.
On 10/10/2013 02:20 PM, Ray Dillinger wrote:
split the message stream
into channels when it gets to be more than, say, 2GB per day.
That's fine, in the case where the traffic is heavy.
We should also discuss the opposite case:
*) If the traffic is light, the servers should generate cover
On Thu, Oct 10, 2013 at 11:58 AM, R. Hirschfeld r...@unipay.nl wrote:
To send a prism-proof email, encrypt it for your recipient and send it
to irrefrangi...@mail.unipay.nl. Don't include any information about
To receive prism-proof email, subscribe to the irrefrangible mailing
list at
On Thu, 2013-10-10 at 14:20 -0700, Ray Dillinger wrote:
Wrong on both counts, I think. If you make access private, you
generate metadata because nobody can get at mail other than their
own. If you make access efficient, you generate metadata because
you're avoiding the wasted bandwidth that
John Kelsey crypto@gmail.com writes:
In the overwhelming majority of cases, I know and want to know the
people I'm talking with. I just don't want to contents of those
conversations or the names of people I'm talking with to be revealed
to eavesdroppers. And if I get an email from one
On Fri, Sep 13, 2013 at 10:12 PM, Perry E. Metzger pe...@piermont.comwrote:
On Fri, 13 Sep 2013 16:55:05 -0400 John Kelsey crypto@gmail.com
wrote:
Everyone,
The more I think about it, the more important it seems that any
anonymous email like communications system *not* include
On Fri, 13 Sep 2013 16:55:05 -0400 John Kelsey crypto@gmail.com
wrote:
Everyone,
The more I think about it, the more important it seems that any
anonymous email like communications system *not* include people who
don't want to be part of it, and have lots of defenses to prevent
its
On 08/22/2013 02:36 AM, Phillip Hallam-Baker wrote:
Thanks to Snowden we now have a new term of art 'Prism-Proof', i.e. a
security scheme that is proof against state interception. Having had
an attack by the Iranians, I am not just worried about US interception.
Chinese and Russian intercepts
On Sun, 25 Aug 2013 10:37:52 -0700 Ray Dillinger b...@sonic.net
wrote:
Therefore, IMO, any possible solution to email privacy, if it is to
be trusted at all, must be pure P2P with no centralized points of
failure/control and no specialized routers etc.
Quite agreed. I have a long message in
On 22 August 2013 10:36, Phillip Hallam-Baker hal...@gmail.com wrote:
Preventing key substitution will require a combination of the CT ideas
proposed by Ben Laurie (so catenate proof notaries etc) and some form of
'no key exists' demonstration.
We have already outline how to make verifiable
On Fri, Aug 23, 2013 at 6:02 PM, Philip Whitehouse phi...@whiuk.com wrote:
Let me just see if I get where you're going:
So essentially you've increased the number of CAs to the number of
companies without really solving the PRISM problem. The sheer number mean
it's impractical to do much
On Fri, Aug 23, 2013 at 6:42 PM, Joe St Sauver j...@oregon.uoregon.eduwrote:
I wouldn't take Snowden's alleged opsec practice, or lack thereof, as
a demonstration proof that PGP and/or S/MIME are impossibly difficult for
technical people (or even motivated NON-technical people) to use when
On Fri, Aug 23, 2013 at 3:34 PM, Ben Laurie b...@links.org wrote:
On 22 August 2013 10:36, Phillip Hallam-Baker hal...@gmail.com wrote:
Preventing key substitution will require a combination of the CT ideas
proposed by Ben Laurie (so catenate proof notaries etc) and some form of
'no key
25 matches
Mail list logo