[146480] in cryptography@c2.net mail archive
Re: [Cryptography] Email and IM are ideal candidates for mix
daemon@ATHENA.MIT.EDU (Jon Callas)
Fri Aug 30 01:33:03 2013
X-Original-To: cryptography@metzdowd.com
From: Jon Callas <jon@callas.org>
In-Reply-To: <69A7EDBA-C82E-4AFE-BD0A-3A267B556046@lrw.com>
Date: Thu, 29 Aug 2013 22:31:55 -0700
To: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Aug 29, 2013, at 3:43 AM, Jerry Leichter <leichter@lrw.com> wrote:
> - If I need to change because the private key was compromised, there's nothing I can do about past messages; the question is what I do to minimize the number of new messages that will arrive with a now-known-insecure key. This was the case I assumed the previous poster was concerned with.
Personally, I think you shouldn't worry about this.
The real sin is getting an attachment to a key. You are much better off developing a philosophy of key management in which you use it and then get rid of it regularly.
If you do this reasonably well, it reduces the chance that a key will get compromised because its aegis, footprint, shadow, etc. is small. It also reduces the effect because most likely it takes more time to break the key than its lifetime; I consider hacking the key, stealing it, etc. to be a form of breaking. Stealing a key through a 'sploit is also cryptanalysis.
Be Buddist about your keys and have no attachments. (This is also a good philosophy about mail, but that's a different discussion.)
> - As I outlined things, there was never a reason you couldn't have multiple public keys, and in fact it would be a good idea to make traffic analysis harder. Adding a new key for "a new facet of your electronic life" is trivial.
That's a fine step to a good attitude, but the effect on traffic analysis will be small or close to nil. Traffic analysis includes social graph analysis and any good social graph analysis will include probabilities that an entity will have different personae. Keys are just masks, too, just like a persona.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii
wj8DBQFSIC5MsTedWZOD3gYRAmpmAJ0UJ7K9GWo9FLSa8HR1CmSbWRZcgQCgkuif
rbTWOi5eHdxNpRzQ9VkqDBY=
=PpOZ
-----END PGP SIGNATURE-----
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
