Remailer passphrases

[Chris McAuliffe]

-----BEGIN PGP SIGNED MESSAGE-----

[To: perry at piermont.com]
[cc: cypherpunks at toad.com]
[Subject: Re: Remailer passphrases ]
[In-reply-to: Your message of Tue, 12 Mar 96 14:51:47 EST.]
             <199603121951.OAA02237 at jekyll.piermont.com> 

"Perry E. Metzger" <perry at piermont.com> enscribed:
>Bill Frantz writes:
>> One of the reasons classical (government) crypto users change keys
>> frequently is to minimize the amount of data compromised by a broken key. 
>> We keep hearing about NSA decrypting 20 year old cyphertext and showing
>> more of the workings of the atomic spy rings operating in the 40s and 50s. 
>> If an opponent can rubber hose the key, her job is easy.  If she has to
>> perform cryptoanalysis, it is much harder.  Remailers should regularly
>> change their keys to avoid compromising previously recorded traffic.  (They
>> can have a long lived key for signing their traffic keys.)

>Signed Diffie-Hellman key exchanges have the property known as
>"Perfect Forward Secrecy". Even if the opponent gets your public keys
>it still will not decrypt any traffic for him at all -- it just lets
>him pretend to be you. Thats one reason why protocols like Photuris
>and Oakley use the technique.

True, but when the problem at hand is sending mail to a remailer, the
technique is of little or no value, since there is no initial exchange,
right? So this is a misleading argument. At least it is related to
cryptography and The Cypherpunk Agenda(tm)!

Chris McAuliffe <cmca at alpha.c2.org> (No, not that one.)

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBMUX9UIHskC9sh/+lAQGItwP+IfITBi+LUAcV9O1w6071zvmNaDQNC5nG
OVe34+h5kKDyBnb2bLuVX5zEtuS56tiE0mgEaD5nevoRLijW1qqCRAsxi9/pfKcp
tjWzU1qbUptkJn8LBZPzFXGsXuHh6cF/W1Zk1q+81KURRkH0glYI2u0HY740YF7J
dxidEBZRQKc=
=8F6m
-----END PGP SIGNATURE-----