[Cryptography] [cryptography] Secure universal message addressing
Ray Dillinger
bear at sonic.net
Tue Apr 5 00:48:35 EDT 2016
On 04/04/2016 10:06 AM, Allen wrote:
> How about making the address a Curve25519 public key? Anyone who sends
> something to that address could encrypt the contents using that key, so the
> contents could only be read by you (assuming no one steals your key).
I'm increasingly unConvinced that a good email system really
requires broadly distributed public keys at all. Consider
the advantages of a system where email addresses are secrets.
Where you encrypt a message to someone using a secret key
which that person gave you. It may be a symmetric or asymmetric
key, but first and foremost there are huge advantages in it
being secret, and once it's secret there's little harm in using
plain old symmetric cryptography.
In the first place, if your address isn't a public key you've
distributed, then spammers don't, by default, have it. That's
kind of the right thing for starters.
In general I don't want people who have one of my private email
addresses sharing it around randomly. When they do share it around,
on the likelihood that I don't agree with them that the person they
shared it with ought to have it, I want the ability to cut that
address off. If some troll pisses on my reputation and tosses my
email address to 4chan, why should that be a disaster that requires
me going through fifteen thousand hate mail just to find the ten or
twelve real messages I get that day? And why shouldn't I know
exactly which of the people I correspond with is responsible for
the attack? If it's a secret key, handling the problem is simple;
I just delete that key from my profile, and and look at the messages
I have left.
As another case in point, when, inevitably, my dear nontechnical
brother gets pwned yet again and a spammer gets his addresses
including his address for me, I want to be able to cut off
the spammers' access to my mailbox. In order to do that I need
to be able to identify which key is compromised - a step which
is useless if everyone you correspond with has the same key.
I need to contact *THAT* person, and nobody else, to give them a
new key. And I need to be able to cut it off without cutting
myself off from other correspondents and without giving the spammer
access to my inbox - again, much harder if everyone has the same
key or the key/address is available from a public registry.
Finally, the privacy is better. Secret keys can be revoked, just
by erasing them. Once they're gone that address is not one that
can be used to contact you, period. You never had to publicly
identify yourself with it because you never had to distribute a
pubkey. Odds are that no snoops know you were ever associated
with it, unless you, or a person whose privacy it would have
compromised along with yours, told them.
So, in summary, email addresses as secret keys are better privacy
in the first place and better damage control when someone has your
contact information and you'd rather they didn't. So why does
everybody keep trying to build a PKI and revocations and all that
jazz for a mail system?
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160404/1c7653eb/attachment.sig>
More information about the cryptography
mailing list