-----BEGIN PGP SIGNED MESSAGE----- Alex Strasheim writes:

One solution that I've thought about is only passing messages which are composed of cyphertext. Does this make any sense?

This sounds useful, but I'm curious how you would enforce it. I would think you'd need to do some nontrivial statistical analysis to be reasonably sure you weren't allowing various binaries, uuencoded files, etc. with faked PGP headers, without preventing people from using other encryption schemes. I'd say this is the flip side of the challenge faced by governments trying to outlaw transmissions using strong crypto. Incidentally, I'd love to get pointers to online pieces of code which perform various statistical tests on data to find patterns characteristic of particular encryption schemes, &c. for cryptanalysis. I want to cryptanalyze a couple of encryption algorithms and would like to do some experimental work. Please send me mail directly and I will summarize to the list later on. My starting points are Applied Crypto, the CEB, and Tim's Cyphernomicon. -L. Futplex McCarthy; use "Subject: remailer-help" for an autoreply PGP key by finger or server; "Better watch what you say, or they'll be calling you a radical...a liberal" --Supertramp "[CIA/KGB mole Aldrich Ames] took information in shopping bags out the front door" --miscellaneous Congressperson -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLtJ3tWf7YYibNzjpAQGOVwQApexTVG/PfeHNQcE+xr5lsCWxtnC13/EL GE8A8T77YavVQDUt3P7zWH8nw05OUosUgwe3QQKu+rRQGV1Y5dLcpxMQIk/iFSE1 3hMzZYCv6L6OQ0wyt8VOuEGmg8ffvBIod9C9i9PndmHZY73j3WPoSbDXLsBXlQu4 my8Oz2NLAP4= =Zxlu -----END PGP SIGNATURE-----