One of the things I've noticed about PGP is that it makes it pretty
obvious that you're sending an encrypted message. The big
-----BEGIN PGP MESSAGE-----
at the start pretty much gives that away.
In most cases, this is fine, but sometimes it may not be desirable
to make it this obvious. Sending encrypted messages may call
unwelcome attention to yourself. Also, some people are experimenting
with packet radio on the amateur bands, and it's not legal to send
encrypted messages there.
What I think would be nice would be an "innocent" mode for PGP
in which it created files which looked like something else. For
example, what if your encrypted output file looked like:
begin 666 testpat.gif
MI\44:#G4D>QQXR!-M,Z20O1K&5D0, 5-4F.X<%MT
M2:V94,K;XE@B?]%IHF+_
One of the things I've noticed about PGP is that it makes it pretty obvious that you're sending an encrypted message. [...] Sending encrypted messages may call unwelcome attention to yourself.
First, let me get on record as saying that Hal's "innocent mode" is a good idea that should be implemented. But it's not really a good long-term solution from a social point of view. Encrypted traffic should become the norm, not the exception. Flagging that you're sending encrypted traffic should be encouraged. When questioned about this, people should respond in shocked tones "What do you mean? Aren't you encrypting _your_ email?" and then proceed to suppress gentle laughter at them when they say no. When it's cool to encrypt, only the uncool will be plain. So, then, more peer pressure! Consider someone asking you about your encrypted mail to be an opportunity to start a conversation about their position on personal privacy. When your sysadmin asks why your mail can't be read, tell him you are defending your privacy and ask if there is any problem with that. Then, when the sysadmin puts in a filter for PGP traffic, use innocent mode.
Another thing that I think is kind of bad about PGP in the context of avoiding traffic analysis is that it puts the key ID of the destination person in the header.
Absolutely. Ditto for signatures. Both should be able to be selectively removed. In any case, it should be possible to have nothing appear on the outer envelope. Another feature for PGP would be automatic message padding. To properly do a mix you need to quantize the message lengths. If PGP were to automatically pad with random data, it would save a lot of integration work for the mix. PGP already has a random number generator, after all.
Eric
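The two mechanisms discussed in this thread, Hal's "innocent mode" (ciphertext wrapped as an ordinary uuencoded file) and Eric's length quantization (pad every message with random bytes up to a fixed multiple so a mix sees only a few distinct sizes), are small enough to show end to end. The following is an added example written for this archive page, not code from Hal, Eric or PGP. It assumes a 4-byte big-endian length prefix so the receiver can strip the random padding (PGP's own framing is not shown), a quantum of 1024 bytes, and the file name and mode from Hal's sample header; all three are illustrative choices. The payload stands in for already-encrypted bytes, which are uniformly random and so indistinguishable from the padding.

```python
import binascii
import os
import struct

QUANTUM = 1024  # constructed choice: wrapped messages are always a multiple of this size


def pad_to_quantum(payload: bytes, quantum: int = QUANTUM) -> bytes:
    """Frame `payload` with its length and pad with random bytes to the next quantum.

    The length field must travel inside the (encrypted) frame so that the
    recipient can discard the padding; random padding is indistinguishable
    from ciphertext, so an observer learns only the quantized size.
    """
    framed = struct.pack(">I", len(payload)) + payload
    pad_len = (-len(framed)) % quantum  # 0 when framed is already a multiple
    return framed + os.urandom(pad_len)


def unpad(blob: bytes) -> bytes:
    """Inverse of pad_to_quantum: read the length prefix and drop the padding."""
    if len(blob) < 4:
        raise ValueError("blob too short for length field")
    (n,) = struct.unpack(">I", blob[:4])
    if n > len(blob) - 4:
        raise ValueError("length field exceeds blob size")
    return blob[4:4 + n]


def uu_wrap(data: bytes, filename: str = "testpat.gif", mode: int = 0o666) -> str:
    """Emit `data` as a standard uuencode block, header and trailer included.

    Standard uuencode lines carry at most 45 binary bytes each; a lone
    backquote is the zero-length line that conventionally precedes `end`.
    """
    lines = [f"begin {mode:o} {filename}"]
    for i in range(0, len(data), 45):
        chunk = data[i:i + 45]
        lines.append(binascii.b2a_uu(chunk).decode("ascii").rstrip("\n"))
    lines.append("`")
    lines.append("end")
    return "\n".join(lines) + "\n"


def uu_unwrap(text: str) -> bytes:
    """Decode a uuencode block produced by uu_wrap (or the classic uuencode tool)."""
    lines = text.splitlines()
    if not lines or not lines[0].startswith("begin "):
        raise ValueError("missing uuencode header")
    out = bytearray()
    for line in lines[1:]:
        if line == "end":
            break
        if line in ("", "`"):  # zero-length terminator line; nothing to decode
            continue
        out += binascii.a2b_uu(line)
    return bytes(out)


def innocent_wrap(ciphertext: bytes) -> str:
    """Quantize the length, then disguise the result as a uuencoded file."""
    return uu_wrap(pad_to_quantum(ciphertext))


def innocent_unwrap(text: str) -> bytes:
    """Recover the ciphertext from an innocent_wrap() block."""
    return unpad(uu_unwrap(text))


if __name__ == "__main__":
    # Constructed stand-in for PGP output; real ciphertext would be random bytes.
    fake_ciphertext = os.urandom(300)
    wrapped = innocent_wrap(fake_ciphertext)
    print(wrapped.splitlines()[0])          # begin 666 testpat.gif
    print(len(uu_unwrap(wrapped)))           # 1024: only the quantum is visible
    assert innocent_unwrap(wrapped) == fake_ciphertext
```

Two caveats a practitioner would raise. The disguise is only skin deep: the header claims a GIF, but the decoded bytes carry no GIF signature, so a filter that uudecodes attachments and checks magic bytes, or simply measures entropy, will flag it just as readily as an armored PGP block. And quantization hides the exact length only up to the quantum; a message of 1025 bytes still jumps to the next size class, so the quantum has to be chosen against the traffic the mix actually carries.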
participants (2)
- Eric Hughes
- nobody@soda.berkeley.edu