"PGP Encryption Proves Powerful"
John Kelsey
kelsey.j at ix.netcom.com
Sat May 31 12:28:59 EDT 2003
At 01:22 PM 5/29/03 -0400, Ian Grigg wrote:
>The following appears to be a bone fide case of a
>threat model in action against the PGP program.
...
Two comments:
a. It sure seems like it would be a pain to enter a long passphrase on one
of these things, so that seems like the most plausible attack. But I agree
that it would be nice to know more about actual fielded attacks. (The
problem is that if you're actually using them to gather information, you
won't want to disclose your methods.)
b. A nasty (likely to backfire) trick would be to generate a long random
password, use it to encrypt a bunch of data, and then forget the
password. Something as simple as the MD5 of the results of typing into a
buffer for a couple minutes would do fine. No attacker will ever guess
it. Of course, the judge may not believe you when you explain why you
don't know those passwords, and the cops may try to beat the answers out of
you if they're convinced enough that you're a bad guy....
--John Kelsey, kelsey.j at ix.netcom.com
PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list