alt.anonymous.messages practice
dmolnar
dmolnar at hcs.harvard.edu
Mon Aug 13 16:49:33 PDT 2001
I just took a look at the first 10 messages I could pull down from
alt.anonymous.messages using pgp2.6.2 . Eight were encrypted with
symmetric encryption. One was encrypted with keyID 591B0E69. A last one
identified itself as encrypted with public-key crypto, but in a format not
otherwise intelligible to poor 2.6.2 .
Now, keyID 591B0E69 isn't in the keyservers, of course, but it will be
interesting to watch alt.anonymous.messages for the next few days and see
if any other messages encrypted to that key should show up. Well, if I
get around to writing the scripts to watch for it, which I probably won't.
I don't suppose anyone's been gathering data like this in public? In
particular, it'll be interesting to see if 591B0E69 is simply receiving an
initial message (to set up a shared password for conventional encryption)
-- or if it will receive many more messages.
This is a good reason to use Adam Back's Stealth PGP. Although, as David
Hopwood has pointed out, ordinary RSA may reveal information about the key
used to encrypt, even if the headers are stripped out. There are fixes for
that, of course, but not yet deployed AFAIK.
More information about the cypherpunks-legacy
mailing list