in the process of doing stuff to fight traffic analysis, i need to generate a bunch of fake pgp messages. it is possible to asciiarmor random bits, but this is pretty easy to spot. does anyone know a good way to generate a large amount of bogus pgp messages?
What better way than to generate real pgp messages that encrypt noise files? Just generate pseudorandom binary data of pseudorandom length (biased toward the length of real messages), and encrypt with pgp, using the public key of some person's key from a public server, selected at random. If you want to be able to spend less cpu time, you could hack a copy of pgp to simulate doing this, of course, using the symmetric key cipher (idea) in a stream cipher mode.
Better "noise" might be _real_ words, paragraphs, etc. It occurred to me once that some of the remailer operators could bounce the cypherpunks mailing list around through their remailers to get more traffic/noise. Cort.