[147116] in cryptography@c2.net mail archive
Re: [Cryptography] prism proof email, namespaces, and anonymity
daemon@ATHENA.MIT.EDU (Max Kington)
Sat Sep 14 12:38:34 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130913171243.1ce2325e@jabberwock.cb.piermont.com>
Date: Sat, 14 Sep 2013 17:23:40 +0100
From: Max Kington <mkington@webhanger.com>
To: "Perry E. Metzger" <perry@piermont.com>
Cc: John Kelsey <crypto.jmk@gmail.com>,
"cryptography@metzdowd.com List" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============2265784337753240856==
Content-Type: multipart/alternative; boundary=089e0122e6e6daac6a04e65a642c
--089e0122e6e6daac6a04e65a642c
Content-Type: text/plain; charset=ISO-8859-1
On Fri, Sep 13, 2013 at 10:12 PM, Perry E. Metzger <perry@piermont.com>wrote:
> On Fri, 13 Sep 2013 16:55:05 -0400 John Kelsey <crypto.jmk@gmail.com>
> wrote:
> > Everyone,
> >
> > The more I think about it, the more important it seems that any
> > anonymous email like communications system *not* include people who
> > don't want to be part of it, and have lots of defenses to prevent
> > its anonymous communications from becoming a nightmare for its
> > participants. If the goal is to make PRISM stop working and make
> > the email part of the internet go dark for spies (which definitely
> > includes a lot more than just US spies!), then this system has to
> > be something that lots of people will want to use.
> >
> > There should be multiple defenses against spam and phishing and
> > other nasty things being sent in this system, with enough
> > designed-in flexibility to deal with changes in attacker behavior
> > over tome.
>
> Indeed. As I said in the message I just pointed Nico at:
> http://www.metzdowd.com/pipermail/cryptography/2013-August/016874.html
>
> Quoting myself:
>
> Spam might be a terrible, terrible problem in such a network since
> it could not easily be traced to a sender and thus not easily
> blocked, but there's an obvious solution to that. I've been using
> Jabber, Facebook and other services where all or essentially all
> communications require a bi-directional decision to enable messages
> for years now, and there is virtually no spam in such systems
> because of it. So, require such bi-directional "friending" within
> our postulated new messaging network -- authentication is handled
> by the public keys of course.
>
The keys. This to me is the critical point for widespread adoption, key
management. How do you do this in a way that doesn't put people off
immediately.
There are two new efforts I'm aware if trying to solve this in a user
friendly way are https://parley.co/#how-it-works and http://mailpile.is.
Parley's approach does at least deal with the longevity of the private key
although it does boil security down to a password, if I can obtain their
packet and the salt I can probably brute force the password.
I've exchanged mails with the mailpile.is guys and I think they're still
looking at the options.
Max
--089e0122e6e6daac6a04e65a642c
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Fri, Sep 13, 2013 at 10:12 PM, Perry E. Metzger <span dir=3D"ltr=
"><<a href=3D"mailto:perry@piermont.com" target=3D"_blank">perry@piermon=
t.com</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex">On Fri, 13 Sep 2013 16:55:05 -0400 John Kelsey <<a href=
=3D"mailto:crypto.jmk@gmail.com">crypto.jmk@gmail.com</a>><br>
wrote:<br>
<div class=3D"im">> Everyone,<br>
><br>
> The more I think about it, the more important it seems that any<br>
> anonymous email like communications system *not* include people who<br=
>
> don't want to be part of it, and have lots of defenses to prevent<=
br>
> its anonymous communications from becoming a nightmare for its<br>
> participants. =A0If the goal is to make PRISM stop working and make<br=
>
> the email part of the internet go dark for spies (which definitely<br>
> includes a lot more than just US spies!), then this system has to<br>
> be something that lots of people will want to use.<br>
><br>
> There should be multiple defenses against spam and phishing and<br>
> other nasty things being sent in this system, with enough<br>
> designed-in flexibility to deal with changes in attacker behavior<br>
> over tome.<br>
<br>
</div>Indeed. As I said in the message I just pointed Nico at:<br>
<a href=3D"http://www.metzdowd.com/pipermail/cryptography/2013-August/01687=
4.html" target=3D"_blank">http://www.metzdowd.com/pipermail/cryptography/20=
13-August/016874.html</a><br>
<br>
Quoting myself:<br>
<br>
=A0 =A0Spam might be a terrible, terrible problem in such a network since<b=
r>
=A0 =A0it could not easily be traced to a sender and thus not easily<br>
=A0 =A0blocked, but there's an obvious solution to that. I've been =
using<br>
=A0 =A0Jabber, Facebook and other services where all or essentially all<br>
=A0 =A0communications require a bi-directional decision to enable messages<=
br>
=A0 =A0for years now, and there is virtually no spam in such systems<br>
=A0 =A0because of it. So, require such bi-directional "friending"=
within<br>
=A0 =A0our postulated new messaging network -- authentication is handled<br=
>
=A0 =A0by the public keys of course.<br></blockquote><div><br></div><p dir=
=3D"ltr" style=3D"font-family:arial,sans-serif;font-size:13px">The keys. Th=
is to me is the critical point for widespread adoption, key management. How=
do you do this in a way that doesn't put people off immediately.</p>
<p dir=3D"ltr" style=3D"font-family:arial,sans-serif;font-size:13px">There =
are two new efforts I'm aware if trying to solve this in a user friendl=
y way are=A0<a href=3D"https://parley.co/#how-it-works" target=3D"_blank">h=
ttps://parley.co/#how-it-works</a>=A0and=A0<a href=3D"http://mailpile.is/" =
target=3D"_blank">http://mailpile.is</a>.</p>
<p dir=3D"ltr" style=3D"font-family:arial,sans-serif;font-size:13px">Parley=
's approach does at least deal with the longevity of the private key al=
though it does boil security down to a password, if I can obtain their pack=
et and the salt I can probably brute force the password.</p>
<div><span style=3D"font-family:arial,sans-serif;font-size:13px">I've e=
xchanged mails with the</span><span style=3D"font-family:arial,sans-serif;f=
ont-size:13px">=A0</span><a href=3D"http://mailpile.is/" target=3D"_blank" =
style=3D"font-family:arial,sans-serif;font-size:13px">mailpile.is</a><span =
style=3D"font-family:arial,sans-serif;font-size:13px">=A0</span><span style=
=3D"font-family:arial,sans-serif;font-size:13px">guys and I think they'=
re still looking at the options.</span><span style=3D"font-family:arial,san=
s-serif;font-size:13px">=A0</span>=A0</div>
<div><br></div><div>Max</div></div><br></div></div>
--089e0122e6e6daac6a04e65a642c--
--===============2265784337753240856==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============2265784337753240856==--