ietf-openpgp
[Top] [All Lists]

Re: Speculative Mode for KeyIDs of all zeroes

1997-12-04 00:27:14
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 08:29 PM 12/3/97 +0000, Ian Grigg wrote:

"An implementation MAY interpret a KeyID of all zeroes to mean that all
keys available should be used to decrypt the message speculatively." 
or  some such.

I don't think adding any extra features will work for the intended
audience.  For reasons that I won't go into now, I don't think any users
who really need the speculative mode will be using anything but pgp2.6
(the C version, not any compatibility suite like Cryptix).  The rest of
us might like to implement it for fun.

For "deniable steganography" applications, such as hiding a PGP message in
the background noise in TIFF images or .WAV files, the KeyID field should
be able to go away entirely, causing the speculative decryption mode.  If
you are worried about being tortured, the best defense is for Big Brother
to be unable to verify the existence of a PGP message at all.  Some stego
programs already kludge this by removing various message headers, but I
don't have references to the techniques handy.  I would like to see some
kind of "stealth message" format defined, where the first N bits of the
message (N corresponding to the length of the asymmetric key you are using
to speculatively decrypt) contain the session key, signature keyid, message
length, symmetric algorithm ID, hash algorithm ID, random padding, and
other such details so that if you stego a .WAV file, the only way to tell
is to collect the first 2048 sample LSBits and try decrypting them with
your private key(s) to see if a message header shows up.  Otherwise, all
you see is random-looking data that may or may not be a PGP message.

Most people have a fairly small number of private keys, so doing
speculative decryption in this manner shouldn't be too computationally
expensive, especially if the user can specify the order in which the keys
are tried.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Business Security 5.5

iQA/AwUBNIZZo8JF0kXqpw3MEQL1TACeP5It/MOwR2WfRQTEtNAUvAw1tzUAoIeB
bs1PXy6cws5PY6jYZh9yt3pM
=SwKF
-----END PGP SIGNATURE-----