[Cryptography] prism proof email, namespaces, and anonymity

[John Kelsey]

On Sep 15, 2013, at 7:47 AM, Adam Back <adam at cypherspace.org> wrote:

> Another design permutation I was thinking could be rather interesting is
> unobservable mail.  That is to say the participants know who they are
> talking to (signed, non-pseudonymous) but passive observers do not.  It
> seems to me that in that circumstance you have more design leverage to
> increase the security margin using PIR like tricks than you can with
> pseudonymous/anonymous - if the "contract" is that the system remains very
> secure so long as both parties to a communication channel want it to remain
> that way.

This seems like the main way most people would want PPE to work--like email they have now, but much more secure and resistant to abuse.  In the overwhelming majority of cases, I know and want to know the people I'm talking with.  I just don't want to contents of those conversations or the names of people I'm talking with to be revealed to eavesdroppers.  And if I get an email from one of my regular correspondents, I'd like to know it came from him, rather than being spoofed from someone else.  

For most people, I'm pretty sure the security problems with email are centered around the problem of getting unwanted communication from people you don't want to hear from, some of which may manage install malware on your computer, others of which want to waste your time with scam ads, etc.  A PPE scheme that solves that problem can get a lot more users than one that doesn't, and may even eventually take over from the current kind of email.  

> Adam

--John