On Sep 15, 2013, at 7:47 AM, Adam Back <a...@cypherspace.org> wrote:

> Another design permutation I was thinking could be rather interesting is
> unobservable mail.  That is to say the participants know who they are
> talking to (signed, non-pseudonymous) but passive observers do not.  It
> seems to me that in that circumstance you have more design leverage to
> increase the security margin using PIR like tricks than you can with
> pseudonymous/anonymous - if the "contract" is that the system remains very
> secure so long as both parties to a communication channel want it to remain
> that way.

This seems like the main way most people would want PPE to work--like email 
they have now, but much more secure and resistant to abuse.  In the 
overwhelming majority of cases, I know and want to know the people I'm talking 
with.  I just don't want to contents of those conversations or the names of 
people I'm talking with to be revealed to eavesdroppers.  And if I get an email 
from one of my regular correspondents, I'd like to know it came from him, 
rather than being spoofed from someone else.  

For most people, I'm pretty sure the security problems with email are centered 
around the problem of getting unwanted communication from people you don't want 
to hear from, some of which may manage install malware on your computer, others 
of which want to waste your time with scam ads, etc.  A PPE scheme that solves 
that problem can get a lot more users than one that doesn't, and may even 
eventually take over from the current kind of email.  

> Adam

The cryptography mailing list

Reply via email to