[Cryptography] Other obvious issues being ignored?

John Denker jsd at av8n.com
Tue Oct 20 19:43:57 EDT 2015


On Oct 20, 2015, at 12:16 PM, I wrote:
 
>> PGP doesn't even try to encrypt the Date: and Subject: lines ...
>> for no good reason.

On 10/20/2015 03:04 PM, Ron Garret replied:

> I disagree that there is no good reason.  If you’re trying to go back
> through your records to find a particular piece of correspondence,
> having unencrypted Subject lines can come in awfully handy.

Irrelevant.  See below.

> Search is an essential part of today’s workflows, but

Irrelevant twice more.

When I am searching email, I very often want to do a full-text
search.  So I need to decrypt the entire message anyway.  As 
the intended recipient, I can do that.  Also if I want to
selectively decrypt some of the headers, I can do that.

The fact that I need to decrypt it in order to read and/or search
is irrelevant to the point I was making earlier, namely that there
is no good reason for it to be sent in the clear over the wire ...
especially when the wire belongs to a wholly-pwned subsidiary of 
They-Who-Must-Not-Be-Named.

Furthermore, as I have previously discussed in this forum, there
are reasons why some of the metadata should be encrypted with
separate keys, and made available on a need-to-know basis.  For
example, a forwarder needs to know the next hop, and perhaps
some evidence of authorization, but nothing else.

I still say:  Metadata is data.  A cryptosystem that leaks metadata
is a cryptosystem that leaks.  A lot of stuff is currently sent
in the clear for no good reason.

>  AFAICT searching encrypted contents securely is an unsolved problem.

Secure search is not particularly harder than secure reading.

I copy the ciphertext onto a physically-secure machine.  If necessary 
I post a couple of armed guards outside the door and lock the door.
Then I decrypt the messages, search them, read them, et cetera.  

The hard part is zeroizing the machine afterward.  (See previous
message.)  I zeroize it as best I can, and then lock the whole 
machine in a tamper-resistant safe for good measure.

That doesn't entirely solve the problem, but it moves it a good
ways down on the list, to the point where I've got more important 
things to worry about.

