...

...

in the process of doing stuff to fight traffic analysis, i need to generate a bunch of fake pgp messages. it is possible to asciiarmor random bits, but this is pretty easy to spot. does anyone know a good way to generate a large amount of bogus pgp messages?

What better way than to generate real pgp messages that encrypt noise files? Just generate pseudorandom binary data of pseudorandom length (biased toward the length of real messages), and encrypt with pgp, using the public key of some person's key from a public server, selected at random. If you want to be able to spend less cpu time, you could hack a copy of pgp to simulate doing this, of course, using the symmetric key cipher (idea) in a stream cipher mode.

Better "noise" might be _real_ words, paragraphs, etc.

It occurred to me once that some of the remailer operators could bounce the cypherpunks mailing list around through their remailers to get more traffic/noise.

why not take a random news group comp.talk.eff seems like a good one and encrypt that and mail out one article whenever you need or whenever your news server recieves one. You could then tailor the frequency by choosing high or low volume news groups.

Cort.

Ian Turton - School of Geography, Leeds University 0532 -333309