Re: [Cryptography] Good private email

2013-08-27 Thread Sebastian Krahmer
On Mon, Aug 26, 2013 at 07:12:21AM -0400, Richard Salz wrote: I don't think you need all that much to get good secure private email. You need a client that can make PEM pretty seamless; reduce it to a button that says encrypt when possible. You need the client to be able to generate a

Re: [Cryptography] Using Raspberry Pis

2013-08-27 Thread Bill Stewart
Custom built hardware will probably be the smartest way to go for an entrepreneur trying to sell these in bulk to people as home gateways anyway Meanwhile, while Phill may have spent $25 for a USB Ethernet, I frequently see them on sale for $10 and sometimes $5.

Re: [Cryptography] Traffic Analysis (was Re: PRISM PROOF Email)

2013-08-27 Thread Wendy M. Grossman
On 08/27/2013 01:17, Perry E. Metzger wrote: On Mon, 26 Aug 2013 17:39:16 -0400 The Doctor dr...@virtadpt.net wrote: On 08/26/2013 09:26 AM, Perry E. Metzger wrote: Mix networks are, however, a well technique. Onion networks, which are related, are widely deployed right now in the form of

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Phill
On Aug 26, 2013, at 5:27 PM, The Doctor dr...@virtadpt.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/26/2013 08:46 AM, Phillip Hallam-Baker wrote: Which is why I think Ted Lemon's idea about using Facebook type friending may be necessary. Or Gchat-style contacts.

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Ralph Holz
Hi, There is a host of older literature, too - P2P research, however, has become a cold topic. Although I expect that it will see a revival in the face of surveillance. For people who are interested, the list I have (for a year or two back) is: [list] I would like to add the following:

Re: [Cryptography] Good private email

2013-08-27 Thread The Doctor
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/27/2013 02:32 AM, Sebastian Krahmer wrote: Now, thats an interesting point! Once all email is encrypted, how many mail providers would be interested in offering free service at all, Another question might be, how many e-mail services would

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread ianG
On 26/08/13 08:47 AM, Richard Clayton wrote: Even without the recent uproar over email privacy, at some point, someone was going to come up with a product along the following lines: Buy a cheap, preconfigured box with an absurd amount of space (relative to the huge amounts of space, like 10GB,

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread radix42
Iang wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? tech.supp...@i.bought.your.busted.thing.com is one that comes to mind. i...@sale.me.your.thing.com is another. I think the types of prior whitelist only secure systems being discussed on-list

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Wendy M. Grossman
On 08/27/2013 18:34, ianG wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? It's clear you're not a journalist or working in any other profession where you actually need to be able to communicate spontaneously with strangers. wg --

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Greg Broiles
On Tue, Aug 27, 2013 at 2:04 PM, Wendy M. Grossman wen...@pelicancrossing.net wrote: It's clear you're not a journalist or working in any other profession where you actually need to be able to communicate spontaneously with strangers. And if the people who attacked the NY Times' DNS today

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Phillip Hallam-Baker
On Tue, Aug 27, 2013 at 5:04 PM, Wendy M. Grossman wen...@pelicancrossing.net wrote: On 08/27/2013 18:34, ianG wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? It's clear you're not a journalist or working in any other profession where you

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread radix42
Phillip Hallam-Baker wrote: One hypothesis that I would like to throw out is that there is no point in accepting encrypted email from someone who does not have a key to encrypt the response. I'd agree, as I was in just this position in the last week or so: I got a gpg encryped email from

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Jerry Leichter
I wonder if much of the work on secure DHT's and such is based on bad assumptions. A DHT is just a key/value mapping. There are two reasons to want to distribute such a thing: To deal with high, distributed load; and because it's too large to store on any one node. I contend that the second

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Perry E. Metzger
On Tue, 27 Aug 2013 21:13:59 -0400 Jerry Leichter leich...@lrw.com wrote: I wonder if much of the work on secure DHT's and such is based on bad assumptions. A DHT is just a key/value mapping. There are two reasons to want to distribute such a thing: To deal with high, distributed load; and

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Perry E. Metzger
On Tue, 27 Aug 2013 21:33:01 + radi...@gmail.com wrote: Iang wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? tech.supp...@i.bought.your.busted.thing.com is one that comes to mind. i...@sale.me.your.thing.com is another. I think the types of

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Perry E. Metzger
On Tue, 27 Aug 2013 22:04:22 +0100 Wendy M. Grossman wen...@pelicancrossing.net wrote: On 08/27/2013 18:34, ianG wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? It's clear you're not a journalist or working in any other profession where you

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Jonathan Thornburg
On Tue, 27 Aug 2013, Perry E. Metzger wrote: Say that you want to distribute a database table consisting of human readable IDs, cryptographic keys and network endpoints for some reason. Say you want it to scale to hundreds of millions of users. This sounds remarkably like a description of

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Peter Saint-Andre
On 8/27/13 7:48 PM, Perry E. Metzger wrote: On Tue, 27 Aug 2013 22:04:22 +0100 Wendy M. Grossman wen...@pelicancrossing.net wrote: On 08/27/2013 18:34, ianG wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? It's clear you're not a journalist or

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Peter Saint-Andre
On 8/27/13 7:45 PM, Perry E. Metzger wrote: On Tue, 27 Aug 2013 21:33:01 + radi...@gmail.com wrote: Iang wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? tech.supp...@i.bought.your.busted.thing.com is one that comes to mind.

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Perry E. Metzger
On Tue, 27 Aug 2013 19:57:30 -0600 Peter Saint-Andre stpe...@stpeter.im wrote: On 8/27/13 7:47 PM, Jonathan Thornburg wrote: On Tue, 27 Aug 2013, Perry E. Metzger wrote: Say that you want to distribute a database table consisting of human readable IDs, cryptographic keys and network

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Peter Saint-Andre
On 8/27/13 7:47 PM, Jonathan Thornburg wrote: On Tue, 27 Aug 2013, Perry E. Metzger wrote: Say that you want to distribute a database table consisting of human readable IDs, cryptographic keys and network endpoints for some reason. Say you want it to scale to hundreds of millions of users.

[Cryptography] Unsubscribe

2013-08-27 Thread Jordan
Unsubscribe ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Jerry Leichter
On Aug 27, 2013, at 9:41 PM, Perry E. Metzger wrote: On Tue, 27 Aug 2013 21:13:59 -0400 Jerry Leichter leich...@lrw.com wrote: I wonder if much of the work on secure DHT's and such is based on bad assumptions. A DHT is just a key/value mapping. There are two reasons to want to distribute

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Phillip Hallam-Baker
On Tue, Aug 27, 2013 at 10:18 PM, Perry E. Metzger pe...@piermont.comwrote: On Tue, 27 Aug 2013 19:57:30 -0600 Peter Saint-Andre stpe...@stpeter.im wrote: On 8/27/13 7:47 PM, Jonathan Thornburg wrote: On Tue, 27 Aug 2013, Perry E. Metzger wrote: Say that you want to distribute a

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Jerry Leichter
On Aug 27, 2013, at 9:48 PM, Perry E. Metzger wrote: On Tue, 27 Aug 2013 22:04:22 +0100 Wendy M. Grossman wen...@pelicancrossing.net wrote: On 08/27/2013 18:34, ianG wrote: Why do we need the 1980s assumption of being able to send freely to everyone, anyway? It's clear you're not a

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-08-27 Thread Christian Huitema
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The DHT model says that millions of Raspberry Pi's and thumb drives together implement this immense database. But since a DHT, by design, scatters the data around the network at random, *my* thumb drive is full of information that I will

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-08-27 Thread Christian Huitema
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Suppose, as in Bitcoin, my email address *is* my public key You can even use some hash compression tricks so you only need 9 or 10 characters to express the address as hash of the public key. That works very well, until you have to change the