[Cryptography] prism proof email, namespaces, and anonymity

Max Kington mkington at webhanger.com
Sat Sep 14 12:23:40 EDT 2013

On Fri, Sep 13, 2013 at 10:12 PM, Perry E. Metzger <perry at piermont.com>wrote:

> On Fri, 13 Sep 2013 16:55:05 -0400 John Kelsey <crypto.jmk at gmail.com>
> wrote:
> > Everyone,
> >
> > The more I think about it, the more important it seems that any
> > anonymous email like communications system *not* include people who
> > don't want to be part of it, and have lots of defenses to prevent
> > its anonymous communications from becoming a nightmare for its
> > participants.  If the goal is to make PRISM stop working and make
> > the email part of the internet go dark for spies (which definitely
> > includes a lot more than just US spies!), then this system has to
> > be something that lots of people will want to use.
> >
> > There should be multiple defenses against spam and phishing and
> > other nasty things being sent in this system, with enough
> > designed-in flexibility to deal with changes in attacker behavior
> > over tome.
> Indeed. As I said in the message I just pointed Nico at:
> http://www.metzdowd.com/pipermail/cryptography/2013-August/016874.html
> Quoting myself:
>    Spam might be a terrible, terrible problem in such a network since
>    it could not easily be traced to a sender and thus not easily
>    blocked, but there's an obvious solution to that. I've been using
>    Jabber, Facebook and other services where all or essentially all
>    communications require a bi-directional decision to enable messages
>    for years now, and there is virtually no spam in such systems
>    because of it. So, require such bi-directional "friending" within
>    our postulated new messaging network -- authentication is handled
>    by the public keys of course.

The keys. This to me is the critical point for widespread adoption, key
management. How do you do this in a way that doesn't put people off

There are two new efforts I'm aware if trying to solve this in a user
friendly way are https://parley.co/#how-it-works and http://mailpile.is.

Parley's approach does at least deal with the longevity of the private key
although it does boil security down to a password, if I can obtain their
packet and the salt I can probably brute force the password.
I've exchanged mails with the mailpile.is guys and I think they're still
looking at the options.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130914/0bf20148/attachment.html>

More information about the cryptography mailing list