D-H Forward Secrecy for E-Mail?

William H. Geiger III whgiii at invweb.net
Sun Oct 12 19:32:36 PDT 1997



In <199710130116.CAA01032 at server.test.net>, on 10/13/97 
   at 02, Adam Back <aba at dcs.ex.ac.uk> said:

>As pgp 5.0 uses key servers directly from the mail client (and some other
>clients do also), this all works out because you just publish your new
>weekly communications key on the keyserver, and this eliminates the need
>for interactive communications with your recipient which true DH PFS
>requires.  In fact I think you could do this right now, if you made it
>clear to others that your key has short expiry in your .signature or
>whatever.  As I mentioned in another post David Wagner currently does
>just this.

Adam,

Have you considered the logistical nightmare that this would cause?? I can
see that you are unaware of the precarious state the current PGP Public
Key Server Network is in. Right now it is getting by but this increase in
load would bring it all to a screeching halt. There have been suggestions
of moving key distributution to the DNS but I seriously doubt even it
would handle the traffic.

Also what happens to the "web of trust" in such a system of high key
turnover?

Exactly how much added security is provided by all of this?? While Forward
security via DH "may" be more secure is the added expense of implementing
such a system justified?? We all could switch to using OTP's for maximum
security but I doubt that few if any would justify the cost of such a
system.

PS: current PGP key format does have a field for key expiration. Until 5.0
it was only used in the Viacrypt version.

-- 
---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                        
---------------------------------------------------------------







More information about the cypherpunks-legacy mailing list