PGP & GPG compatibility

Pete Chown Pete.Chown at skygate.co.uk
Mon Jan 21 06:02:42 EST 2002 

John Gilmore wrote:

> Brad Templeton has been kicking around some ideas on how to make
> zero-UI encryption work (with some small UI available for us experts
> who care more about our privacy than the average joe).

That's an interesting article.  I wrote Whisper
(http://234.cx/whisper.php) as a different way of making crypto more
usable.  The idea is that you simply agree a pass phrase with the
correspondent beforehand.  You then encrypt your message with a small
and hopefully bullet-proof program.  It isn't innovative
cryptographically, and that is the point -- hopefully it is simple
enough that anyone with basic computer literacy can make it work.

Of course the effect of Whisper is different to the zero-UI encryption. 
Whisper provides you with good security (subject to weak pass phrases
and bugs), but you must agree a pass phrase beforehand.  Zero-UI
encryption is more vulnerable to active attacks on the network, but
works with much less effort.

One enhancement to the zero-UI model that I think might be worthwhile is
automated key exchange ahead of the first message.  So when Alice asks
to email Bob, her computer first sends a message asking for Bob's key. 
When the reply is received, Alice's original message is taken out of the
queue, encrypted and sent.  This way the first message doesn't go across
the network in the clear.

If we don't want to add another round-trip time, we could make keys
available from a key server.  This would have the disadvantage that
attackers could compromise the key server and replace the keys with
false ones.  However, this would be detected almost straight away if
they could not modify communications going directly between Alice and
Bob -- Bob would receive a message that he couldn't decrypt.  Normally
surveillance operations have to be kept secret so this kind of attack
would be impractical.

-- 
Pete




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list