Discussion:
Legitimate USES of PGP
(too old to reply)
Anonymous
2009-05-15 03:58:32 UTC
Permalink
Paul L. Allen (***@sktb.demon.co.uk) wrote:
: In article <huff-***@edhuff.dial.net.nyu.edu>
: ***@mcclb0.med.nyu.edu (Edward J. Huff) writes:

: > The FBI, et. al., are woried about the fact that PGP now makes it possible
: > to carry out illegal conspiracies without any face-to-face meetings or any
: > evidence at all of any meeting.

: Not entirely true - traffic analysis would allow the authorities to determine
: that messages were exchanged between `Basher' Blogs, `Fingers' Smith and
: `Mad Dog' Jones prior to the capture and arrest of `Mad Dog' Jones after
: a robbery.

No. Check out the various "remailers" that make traffic analysis
extremely difficult, and will fairly soon make it intractable.

These remailers support encryption, so that a remailer node only knows
from what site it got the message and to what site it is supposed to
send the outgoing packet (which is likely still encrypted, to the
public key of the _next_ node).

If a packet is sent through this Chaum-style system of "mixes," the
traffic analyst faces a nearly hopeless task. (How hopeless is the
task depends on how many mixes, the message latency number, quantizing
of packet sizes to fixed sizes, and so on.)

If I were the FBI, I'd be panicked too. Fortunately for us, it's
already too late to stop these developments.

--Tim May
Dustbin
2009-05-15 07:11:37 UTC
Permalink
Post by Anonymous
: > The FBI, et. al., are woried about the fact that PGP now makes it possible
: > to carry out illegal conspiracies without any face-to-face meetings or any
: > evidence at all of any meeting.
: Not entirely true - traffic analysis would allow the authorities to determine
: that messages were exchanged between `Basher' Blogs, `Fingers' Smith and
: `Mad Dog' Jones prior to the capture and arrest of `Mad Dog' Jones after
: a robbery.
No. Check out the various "remailers" that make traffic analysis
extremely difficult, and will fairly soon make it intractable.
These remailers support encryption, so that a remailer node only knows
from what site it got the message and to what site it is supposed to
send the outgoing packet (which is likely still encrypted, to the
public key of the _next_ node).
Point of interest:

Are you saying that when a piece is encrypted on
your (client) system and sent to a remote system
(such as a bank) each node that the message
passes through will decrypt the message and then
re-encrypt it for the next node?

If that is the case there is no security in the
system at all. Also it is extremely difficult to
'tap' a fibre optic cable and while not
difficult it is clumsy to 'tap' a copper loop
cable. E.g. the point at which it is encrypted
it does not really need to be! The point at
which monitoring would be expected to occur is
at the first (ISP host) system. But if that
system decrypts the message the security is
demolished.

Can you clarify.

D.
George Orwell
2009-05-16 11:22:39 UTC
Permalink
On Fri, 15 May 2009 08:11:37 +0100, Dustbin
Post by Dustbin
Post by Anonymous
: > The FBI, et. al., are woried about the fact that PGP now makes it possible
: > to carry out illegal conspiracies without any face-to-face meetings or any
: > evidence at all of any meeting.
: Not entirely true - traffic analysis would allow the authorities to determine
: that messages were exchanged between `Basher' Blogs, `Fingers' Smith and
: `Mad Dog' Jones prior to the capture and arrest of `Mad Dog' Jones after
: a robbery.
No. Check out the various "remailers" that make traffic analysis
extremely difficult, and will fairly soon make it intractable.
These remailers support encryption, so that a remailer node only knows
from what site it got the message and to what site it is supposed to
send the outgoing packet (which is likely still encrypted, to the
public key of the _next_ node).
Are you saying that when a piece is encrypted on
your (client) system and sent to a remote system
(such as a bank) each node that the message
passes through will decrypt the message and then
re-encrypt it for the next node?
No. It's encrypted in layers like an onion for every node on its path
before it leaves your computer.
Society
2009-05-17 09:15:27 UTC
Permalink
Post by Anonymous
: >
: > The FBI, et. al., are woried about the fact that PGP
: > [Pretty Good Privacy, a freely available yet sophisticated
: > computer data encryption system] now makes it possible
: > to carry out illegal conspiracies without any face-to-face
: > meetings or any evidence at all of any meeting.
: Not entirely true - traffic analysis would allow the authorities
: to determine that messages were exchanged between
: `Basher' Blogs, `Fingers' Smith and `Mad Dog' Jones prior
: to the capture and arrest of `Mad Dog' Jones after a robbery.
No. Check out the various "remailers" that make traffic analysis
extremely difficult, and will fairly soon make it intractable.
These remailers support encryption, so that a remailer node
only knows from what site it got the message and to what site
it is supposed to send the outgoing packet (which is likely
still encrypted, to the public key of the _next_ node).
Are you saying that when a piece is encrypted on your (client) system and
sent to a remote system (such as a bank) each node that the message passes
through will decrypt the message and then re-encrypt it for the next node?
No, that's not quite what Anonymous was saying. The client
passes an encrypted message to a node in a collection of
anonymizing remailer nodes. Each node takes what it receives,
adds another layer of encryption, then passes the doubly-
encrypted message to another remailer node. That node
decrypts the outer layer of encryption, decides whether the
message has been bounced around the collection of remailer
nodes sufficiently enough to confound traffic analysis then
either passes the message as the client originally encrypted it
out of the remailer's virtual network and into the Internet
cloud for delivery to the intended final recipient or re-encrypts
the message and passes it on to another remailer node.

Other modifications to the remailer software and data-stream
manipulations that will further confound traffic analysis
are possible. Identifying them is left to the interested reader.

HTH.
--
The Ten Rules of Hip

Rule #1: If you ever describe yourself as hip, you're not hip.
Rule #2: If you try to be hip, you're not hip. These people are not
hip.
Rule #10: If you need to follow a set of rules to be hip, you're not
hip.

Rules 3 through 9 are still in the oven. Stay tuned. Or not.
Whatever's hip.

The Home for Wayward Statisticians: The Ten Rules of Hip
<http://waywardstats.spaces.live.com/blog/cns!D32696C64D65A6A5!992.entry>
Dave U. Random
2009-05-17 12:05:24 UTC
Permalink
Post by Society
Post by Anonymous
: >
: > The FBI, et. al., are woried about the fact that PGP
: > [Pretty Good Privacy, a freely available yet sophisticated
: > computer data encryption system] now makes it possible
: > to carry out illegal conspiracies without any face-to-face
: > meetings or any evidence at all of any meeting.
: Not entirely true - traffic analysis would allow the authorities
: to determine that messages were exchanged between
: `Basher' Blogs, `Fingers' Smith and `Mad Dog' Jones prior
: to the capture and arrest of `Mad Dog' Jones after a robbery.
No. Check out the various "remailers" that make traffic analysis
extremely difficult, and will fairly soon make it intractable.
These remailers support encryption, so that a remailer node
only knows from what site it got the message and to what site
it is supposed to send the outgoing packet (which is likely
still encrypted, to the public key of the _next_ node).
Are you saying that when a piece is encrypted on your (client) system and
sent to a remote system (such as a bank) each node that the message passes
through will decrypt the message and then re-encrypt it for the next node?
No, that's not quite what Anonymous was saying. The client
passes an encrypted message to a node in a collection of
anonymizing remailer nodes. Each node takes what it receives,
adds another layer of encryption, then passes the doubly-
<snip>

You couldn't have fucked it up more if you tried. Exactly ass
backwards. Nodes don't ADD layers of encryption, they REMOVE them.
Your message is encrypted to each node in your chain in turn before
it ever leaves your machine.
Post by Society
encrypted message to another remailer node. That node
decrypts the outer layer of encryption, decides whether the
message has been bounced around the collection of remailer
Nodes don't decide shit. They strip their layer of encryption and
look for the next address to forward the packet to, or in the case
of an exit node, the final destination of your message.
Post by Society
nodes sufficiently enough to confound traffic analysis then
either passes the message as the client originally encrypted it
out of the remailer's virtual network and into the Internet
cloud for delivery to the intended final recipient or re-encrypts
the message and passes it on to another remailer node.
A remailer node couldn't POSSIBLY know if a message has "bounced
around the collection of remailer nodes" enough. If any node could
know how much bouncing a message has done, the remailer network
would be horribly broken.
Post by Society
Other modifications to the remailer software and data-stream
manipulations that will further confound traffic analysis
are possible. Identifying them is left to the interested reader.
HTH.
Anonymous Remailer (austria)
2009-05-17 16:02:03 UTC
Permalink
Post by Society
Are you saying that when a piece is encrypted on your (client) system
and sent to a remote system (such as a bank) each node that the message
passes through will decrypt the message and then re-encrypt it for the
next node?
No, that's not quite what Anonymous was saying.
<gibberish snipped>

The client, a program like quicksilver, encrypts the message multiple
times, once for each remailer it will pass through.

The message is then sent to the first remailer in the chain of remailers.
Since the last or outer layer of encryption used that first remailer's
key, that remailer can decrypt the message.

What it sees is the address of the second remailer in the chain, followed
by the message, this time encrypted with the key of the second remailer.

It sends the message to the second remailer, and the process is repeated
until the message gets to the last remailer in the chain.

When the last remailer decrypts the message, it sees clear text, with the
address of the recipient.

It then sends the clear text message to that address.

Each remailer will hold the message for a random period of time before
sending it to the next remailer.

Encrypting a message multiple times does not make it larger. You could
encrypt the message 10 times and it would be about the same size as at
the beginning.
Unruh
2009-05-17 17:07:20 UTC
Permalink
Post by Anonymous Remailer (austria)
Post by Society
Are you saying that when a piece is encrypted on your (client) system
and sent to a remote system (such as a bank) each node that the message
passes through will decrypt the message and then re-encrypt it for the
next node?
No, that's not quite what Anonymous was saying.
<gibberish snipped>
The client, a program like quicksilver, encrypts the message multiple
times, once for each remailer it will pass through.
The message is then sent to the first remailer in the chain of remailers.
Since the last or outer layer of encryption used that first remailer's
key, that remailer can decrypt the message.
What it sees is the address of the second remailer in the chain, followed
by the message, this time encrypted with the key of the second remailer.
It sends the message to the second remailer, and the process is repeated
until the message gets to the last remailer in the chain.
When the last remailer decrypts the message, it sees clear text, with the
address of the recipient.
It then sends the clear text message to that address.
Each remailer will hold the message for a random period of time before
sending it to the next remailer.
Encrypting a message multiple times does not make it larger. You could
encrypt the message 10 times and it would be about the same size as at
the beginning.
Each encryption DOES add length-- at least 1024 bits (assuming a 1024
bit key) to hold the encrypted version of the symmetric key whith which
the encryption was done. If you message is 10GB that does not matter (
about the same size). If your message is two bytes (eg No) that extra
1024 bits increases the size a lot.
Non scrivetemi
2009-05-17 21:19:29 UTC
Permalink
Post by Unruh
Post by Anonymous Remailer (austria)
Encrypting a message multiple times does not make it larger. You could
encrypt the message 10 times and it would be about the same size as at
the beginning.
Each encryption DOES add length-- at least 1024 bits (assuming a 1024
bit key) to hold the encrypted version of the symmetric key whith
which the encryption was done. If you message is 10GB that does not
matter ( about the same size). If your message is two bytes (eg No)
that extra 1024 bits increases the size a lot.
The idea that percentage increases are significant is rubbish. Any
difference in packet size would make tracing messages a snap.

The messages are all padded to standard lengths to avoid this obvious
problem. Do you wankers really think you're going to shoot holes in
Mixmaster? Not bloody likely.

Loading...