Re: Why the poor uptake of encrypted email?
On Thu, Dec 18, 2008 at 01:06:37PM +1000, James A. Donald wrote: Peter Gutmann wrote: ... to a statistically irrelevant bunch of geeks. Watch Skype deploy a not- terribly-anonymous (to the people running the Skype servers) communications system. Actually that is pretty anonymous. Although I am sure that Skype would play ball with any bunch of goons that put forward a plausible justification, or threated to rip their fingernails off, most government agencies find it difficult to deal with anyone that they cannot casually have thrown in jail - dealing with equals is not part of their mindset. So if your threat model does not include the FBI and the CIA, chances are that the people who are threatening you will lack the organization and mindset to get Skype's cooperation. That's also true for e-mail where the only encryption is in the transport. Except that you tend to store your e-mails and not your phone calls, of course. But you could always encrypt your filesystem and not your e-mail itself, and that way avoid all the portability issues that Alec brought up. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Why the poor uptake of encrypted email?
Nicolas Williams wrote: Providing a suitable e-mail security solution for the masses strikes me as more important than providing anonymity to the few people who want or need it. Not that you can't have both, unless you want everyone to use PGP or S/MIME as a way to hide anonymized traffic from non-anonymized traffic. If email goes away - as I hope and expect it will - we will need a new store and forward solution to support anonymity. A store and forward system is a system without end to end real time round trips. Obviously end to end real time round trips prevent anonymity. A system built on top of a best effort unreliable messaging system requires some round tripping, which does not make anonymity impossible, but does make it tricky. Email's architecture is very nice for supporting anonymity. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Why the poor uptake of encrypted email?
Peter Gutmann wrote: ... to a statistically irrelevant bunch of geeks. Watch Skype deploy a not- terribly-anonymous (to the people running the Skype servers) communications system. Actually that is pretty anonymous. Although I am sure that Skype would play ball with any bunch of goons that put forward a plausible justification, or threated to rip their fingernails off, most government agencies find it difficult to deal with anyone that they cannot casually have thrown in jail - dealing with equals is not part of their mindset. So if your threat model does not include the FBI and the CIA, chances are that the people who are threatening you will lack the organization and mindset to get Skype's cooperation. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Why the poor uptake of encrypted email?
StealthMonger stealthmon...@nym.mixmin.net writes: Connection-based communication such as Skype and OTR do not provide this capability. The hop by hop store-and-forward email network does. This is not busted or wrong. It's essential. ... to a statistically irrelevant bunch of geeks. Watch Skype deploy a not- terribly-anonymous (to the people running the Skype servers) communications system. Watch the entire world not care, and flock to it in droves. Heck, the entire business model for social networking, one of the biggest Internet phenomena in the last few years, is built around users being as non-anonymous as possible. So Alec's argument still stands. It's pretty hard selling anonymity and privacy to people who think nothing of sending Twitter updates of everything they do all day long to anyone prepared to listen and posting videos of their drunken antics to MyFace. Peter. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Why the poor uptake of encrypted email?
On Tue, Dec 16, 2008 at 03:06:04AM +, StealthMonger wrote: Alec Muffett alec.muff...@sun.com writes: In the world of e-mail the problem is that the end-user inherits a blob of data which was encrypted in order to defend the message as it passes hop by hop over the store-and-forward SMTP-relay (or UUCP?) e- mail network... but the user is left to deal with the effects of solving the *transport* security problem. The model is old. It is busted. It is (today) wrong. But the capabilities of encrypted email go beyond mere confidentiality and authentication. They include also strongly untraceable anonymity and pseudonymity. This is accomplished by using chains of anonymizing remailers, each having a large random latency for mixing with other traffic. The subject is [w]hy the poor uptake of encrypted email?. Alec's answer shows that encrypted email when at rest is not easy to use. Providing a suitable e-mail security solution for the masses strikes me as more important than providing anonymity to the few people who want or need it. Not that you can't have both, unless you want everyone to use PGP or S/MIME as a way to hide anonymized traffic from non-anonymized traffic. Nico -- - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Why the poor uptake of encrypted email?
Alec Muffett alec.muff...@sun.com writes: In the world of e-mail the problem is that the end-user inherits a blob of data which was encrypted in order to defend the message as it passes hop by hop over the store-and-forward SMTP-relay (or UUCP?) e- mail network... but the user is left to deal with the effects of solving the *transport* security problem. The model is old. It is busted. It is (today) wrong. But the capabilities of encrypted email go beyond mere confidentiality and authentication. They include also strongly untraceable anonymity and pseudonymity. This is accomplished by using chains of anonymizing remailers, each having a large random latency for mixing with other traffic. Connection-based communication such as Skype and OTR do not provide this capability. The hop by hop store-and-forward email network does. This is not busted or wrong. It's essential. stealthmail: Scripts to hide whether you're doing email, or when, or with whom. mailto:stealthsu...@nym.mixmin.net -- StealthMonger stealthmon...@nym.mixmin.net stealthmon...@nym.panta-rhei.eu.org - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
-- We discovered, however, that most people do not want to manage their own secrets StealthMonger wrote: This may help to explain the poor uptake of encrypted email. There is very good uptake of skype and ssh, because those impose no or very little additional cost on the end user. Secret management is almost furtively sneaked in on the back of other tasks. It would be useful to know exactly what has been discovered. Can you provide references? It is informal knowledge. A field has references when it is a science, or attempting to become a science, or pretending to become a science. Security is not yet even an art. Cryptography is an art that dubiously pretends to science, but the weak point of course is interaction of humans with the cryptography, in which area we have not even the pretense of art. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
On 8 Dec 2008, at 22:43, David G. Koontz wrote: JOHN GALT wrote: StealthMonger wrote: This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? The iconic Paper explaining this is Why Johnny Can't Encrypt available here: http://portal.acm.org/citation.cfm?id=1251435 Available from the Authors: http://gaudior.net/alma/johnny.pdf A later follow up (s/mime; more focus on the KDC): http://www.simson.net/clips/academic/2005.SOUPS.johnny2.pdf is IMHO more interesting - as it explores a more realistic hostile scenario, seems to pinpoint the core security issue better; and goes to some length to evaluate remedial steps. And it does show that a large swath of issues in PGP are indeed solvable/solved (now) Thanks, Dw - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Why the poor uptake of encrypted email?
On 8 Dec 2008, at 21:13, JOHN GALT wrote: The iconic Paper explaining this is Why Johnny Can't Encrypt available here: http://portal.acm.org/citation.cfm?id=1251435 Orlbaq gur Jul Wbuaal cncre - sbphfvat hcba hfnovyvgl - V guvax gurer vf n uvture ceboyrz bs vagrebcrenovyvgl naq vasbezngvba-npprff ng cynl urer. Gurer pna or ab npprff gb lbhe znvy jvgubhg hfr bs n pyvrag vs lbh ner hfvat pelcgbtencul - rira EBG13 - naq guvf nybar vf n ovt ceboyrz, orpnhfr zrqvngrq npprff gb lbhe r-znvy vf *ernyyl* cnvashy. Sbe fbzr 15 lrnef V hfrq zu/azu/rkzu (ynggreyl jvgu srgpuznvy), gura zbirq gb Znvy.ncc, erpragyl gevrq Guhaqreoveq sbe n srj zbaguf, naq nz er-pbafvqrevat azu sbe ybat-grez nepuvivat bs r-znvy. V nyfb hfr zl vCbq, guerr yncgbcf jvgu inelvat fcrpvrf bs Havk, naq n 3T cubar gb npprff r-znvy. Bppnfvbanyyl V fgvyy pbcl fghss bhg bs /ine/znvy/. V jbhyq unir fhssrerq vzzrafryl jrer V erdhverq gb hfr n cnegvphyne pelcgb-ranoyrq pyvrag gb qrny jvgu zl r-znvy ng rnpu fgntr, be jrer V erdhverq gb hfr uvfgbevpny pelcgb-pyvragf gb npprff byqre znvyf. Nalbar jubfr pbyyrtr gurfvf vf va JbeqCresrpg ba n 5.25 sybccl ng gur onpx bs n pybfrg fbzrjurer, fubhyq haqrefgnaq guvf ceboyrz. Gb guvf qnl Cebwrpg Thgraoret hfrf syng NFPVV nf n ybjrfg pbzzba qrabzvangbe sbezng, naq fvzvyneyl V arrq zl r-znvy va gur fvzcyrfg sbez fb gung V pna terc vg, crey vg, dhbgr vg naq frnepu vg. Fb jul unf rapelcgrq r-znvy snvyrq? V fhfcrpg gung fgngvp qngn rapelcgvba eribygf ntnvafg gur angher bs crefbany pbzzhavpngvba naq gur arrqf bs crefbany vasbezngvba er-hfr. Sbe pbzcnevfba, pbafvqre gur pbairetrapr bs vafgnag zrffntvat naq r- znvy - gurl ner orpbzvat rire zber nyvxr, ohg gur sbezre zbfgyl eryvrf hcba raq gb raq genafcbeg frphevgl, bsgra nffhzvat gung gur cevinpl bs ybtf ng rvgure raq ner ng gur juvz bs *gung* hfre. Sbe fbzr ernfba guvf jbexf engure jryy; nf frphevgl trrxf jr pbzcynva nobhg vg, ohg gurer unir orra znal gvzrf jura Fxlcr unf onvyrq zr bhg bs gebhoyr jvgu vgf novyvgl gb qevyy guebhtu nyzbfg nalguvat naq cebivqr zr jvgu zrffntvat naq svyr-genafsre. Fvzvyneyl NVZ, Wnoore, TPung - nyy bs juvpu V unccvyl eha jvgu BGE - tvir zr arprffnel zbfgyl-frpher pbzzhavpngvba. Va gur jbeyq bs r-znvy gur ceboyrz vf gung gur raq-hfre vaurevgf n oybo bs qngn juvpu jnf rapelcgrq va beqre gb qrsraq gur zrffntr nf vg cnffrf ubc ol ubc bire gur fgber-naq-sbejneq FZGC-erynl (be HHPC?) r- znvy argjbex... ohg gur hfre vf yrsg gb qrny jvgu gur rssrpgf bs fbyivat gur *genafcbeg* frphevgl ceboyrz. Gur zbqry vf byq. Vg vf ohfgrq. Vg vf (gbqnl) jebat. Vg'f yvxr beqrevat ybofgre ovfdhr, naq univat n yvir ybofgre ghea hc ng lbhe gnoyr; jung lbh jnag vf va gurer - urnivyl nezberq - naq lrf lbh pna eraqre jung lbh erprvir vagb jung lbh npghnyyl qrfver; OHG vg'f zrffl naq lbh'er ernyyl fghpx hayrff lbh unir n zbhyv, n fnhprcna naq n fznyy CTC ubgcyngr ng unaq. Naq bs pbhefr lbh unir gb nepuvir pbcvrf bs gur ybofgre, abg gur fbhc. F/ZVZR naq vgf oergurera rkvfg gb fvzhygnarbhfyl nqqerff gur frphevgl bs qngn va zbgvba naq qngn ng erfg - ohg crbcyr qba'g jnag gur ynggre va gur sbez gung vg cebivqrf, orpnhfr vg vauvovgf vagrebcrenovyvgl naq hfnovyvgl ng n yriry nobir gur guvf fbsgjner fhpxf znggre... Naq vs gur qngn va zbgvba raq gb raq frphevgl vffhr vf orvat nqqerffrq ol guvatf yvxr VZ/BGE naq Fxlcr, gura creuncf frpher r- znvy jvyy fbba tb gur jnl bs Gryarg naq SGC? - nyrp ps: if you are stuck, try www.rot13.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Why the poor uptake of encrypted email?
Alec Muffett wrote: Naq bs pbhefr lbh unir gb nepuvir pbcvrf bs gur ybofgre, abg gur fbhc. If we still had finger-plans, this would have made its way into mine. What a great quote! /ji PS: For the rot13-impaired, it reads And of course you have to archive copies of the lobster, not the soup. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
James A. Donald [EMAIL PROTECTED] writes: Of course, the old cypherpunk dream is a system with end to end encryption, with individuals having the choice of holding their own secrets, rather than these secrets being managed by some not very trusted authority We discovered, however, that most people do not want to manage their own secrets This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
StealthMonger wrote: This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? The iconic Paper explaining this is Why Johnny Can't Encrypt available here: http://portal.acm.org/citation.cfm?id=1251435 JOHN ;) Timestamp: Monday 08 Dec 2008, 16:13 --500 (Eastern Standard Time) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
JOHN GALT wrote: StealthMonger wrote: This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? The iconic Paper explaining this is Why Johnny Can't Encrypt available here: http://portal.acm.org/citation.cfm?id=1251435 Available from the Authors: http://gaudior.net/alma/johnny.pdf http://www.cs.berkeley.edu/~tygar/papers/Why_Johnny_Cant_Encrypt/OReilly.pdf (For those of us not ACM members and not having Library or affliate access). There's also a power point presentation on the cognitive dissonance involved: http://www.nku.edu/~waldenj1/classes/2006/spring/csc593/presentations/Johnny.ppt And something done at Carnegie Mellon: http://cups.cs.cmu.edu/courses/ups-sp06/notes/060202LectureNotes.doc http://cups.cs.cmu.edu/courses/ups-sp06/slides/060202-user-tests2.ppt - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]