[Cryptography] Specification: Prism Proof Email

Phillip Hallam-Baker hallam at gmail.com
Fri Sep 20 14:59:46 EDT 2013

We need an email security infrastructure and recent events demonstrate that
the infrastructure we develop needs to be proof against PRISM-class attacks.

By PRISM-class I mean an attack that attempts pervasive surveillance with
budgets in excess of $100 million rather than the PRISM program in

Neither OpenPGP nor S/MIME is capable of providing protection against this
class of attack because they are not widely enough used. We can only hope
for these to be useful if at least 5% of Internet users start sending mail

But while the legacy protocols are not sufficient, 95% of the existing work
is fine and does not need to be repeated although there may be some details
of execution that can be improved.

The part that is going to need new research is in the area of trust models.
As someone who has seen the documents said to me this week, given a choice
between A and B, the NSA does both. We have to do the same. Rather than
have a pointless argument about whether Web 'o Trust or PKIX is the way to
go, let everyone do both. Let people get a certificate from a CA and then
get it endorsed by their peers: belt and braces.

The idea in this draft is to split up the problem space so that people who
know email clients can write code to support any of the research ideas that
might be proposed and any of the research ideas can be used with any of the
mail clients that have been enabled.

The draft is to be found at:


Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130920/9a03767b/attachment.html>

More information about the cryptography mailing list