[788] in cryptography@c2.net mail archive
Re: forward secrecy and email protocols
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sat May 10 12:32:53 1997
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: aba@dcs.ex.ac.uk
Cc: cryptography@c2.net
Reply-To: pgut001@cs.auckland.ac.nz
X-Charge-To: pgut001
Date: Sat, 10 May 1997 09:03:54 (NZST)

>The problem is how do we easily integrate this into existing mail
>protocols, which are non-interactive. If we modify SMTP to do D-H key
>exchange, we have shifted the security from keys held by the user, to
>keys held by the SMTP daemon.

Why not bolt something like SKEME over the top of SMTP? This gives perfect
forward secrecy and authentication (and has several other neat features as
well, depending on your requirements). You could write a daemon which does
something like listen on port 8025 (following the HTTP 80 vs 8080 port usage,
although the semantics there are slightly different) and then redirect the
result back to 25 locally once the crypto is done with. If you can't connect
on 8025 you can give the user the option of falling back to 25 (which,
however, provides for a great denial-of-service attack).

Peter.
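
The 8025-then-25 fallback described in the message above, sketched as client-side logic. This is an added example, not code from the original message; `open_mail_channel`, `confirm_fallback`, `DowngradeRefused` and `constructed_connector` are hypothetical names, and the key exchange that would run over the 8025 connection is assumed to happen elsewhere.

```python
import socket

SECURE_PORT = 8025  # port suggested in the message for the crypto-wrapping daemon
PLAIN_PORT = 25     # standard SMTP


class DowngradeRefused(Exception):
    """Secure port unreachable and fallback to plain SMTP was not approved."""


def open_mail_channel(host, confirm_fallback,
                      connect=socket.create_connection, timeout=10.0):
    """Return (mode, connection) where mode is 'secure' or 'plaintext'.

    confirm_fallback(host, reason) is a hypothetical callback that asks the
    user; port 25 is never tried unless it returns True.
    """
    try:
        return "secure", connect((host, SECURE_PORT), timeout)
    except OSError as exc:
        reason = f"{type(exc).__name__}: {exc}"
    # A refused or timed-out connection looks the same whether the daemon is
    # absent or the port is being blocked on the path, so falling back
    # silently would let anyone who can block 8025 strip the protection.
    if not confirm_fallback(host, reason):
        raise DowngradeRefused(f"{host}:{SECURE_PORT} unreachable ({reason})")
    return "plaintext", connect((host, PLAIN_PORT), timeout)


def constructed_connector(open_ports, log):
    """Constructed stand-in for the network: only ports in open_ports accept."""
    def connect(addr, timeout):
        log.append(addr[1])
        if addr[1] not in open_ports:
            raise ConnectionRefusedError("connection refused")
        return addr  # the address tuple stands in for a socket object
    return connect


if __name__ == "__main__":
    tried = []
    blocked = constructed_connector({PLAIN_PORT}, tried)  # 8025 closed or blocked
    try:
        open_mail_channel("mx.example", lambda h, r: False, connect=blocked)
    except DowngradeRefused as err:
        print("not sent:", err, "| ports tried:", tried)
```
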