Remailer passphrases
Perry E. Metzger
perry at piermont.com
Tue Mar 12 15:14:50 PST 1996
Bill Frantz writes:
> One of the reasons classical (government) crypto users change keys
> frequently is to minimize the amount of data compromised by a broken key.
> We keep hearing about NSA decrypting 20 year old cyphertext and showing
> more of the workings of the atomic spy rings operating in the 40s and 50s.
> If an opponent can rubber hose the key, her job is easy. If she has to
> perform cryptoanalysis, it is much harder. Remailers should regularly
> change their keys to avoid compromising previously recorded traffic. (They
> can have a long lived key for signing their traffic keys.)
Signed Diffie-Hellman key exchanges have the property known as
"Perfect Forward Secrecy". Even if the opponent gets your public keys
it still will not decrypt any traffic for him at all -- it just lets
him pretend to be you. Thats one reason why protocols like Photuris
and Oakley use the technique.
Perry
More information about the cypherpunks-legacy
mailing list