ietf-openpgp
[Top] [All Lists]

Re: [openpgp] Reducing the meta-data leak

2015-11-03 08:31:00
"Neal H. Walfield" <neal(_at_)walfield(_dot_)org> writes:

Hi,

At the IETF 94 OpenPGP WG session, Bryan, if I recall correctly,
suggested that we should try and hide more meta-data.  For instance,
instead of listing the recipients, someone decrypting a message would
try each of their available secret keys in turn.  Werner pointed out
that these probes are a pain for people who use a passphrase protected
key and I mentioned that it is a pain for people who use a smartcard,
in paritcular, those who use more than one smartcard.

What about using a bloom filter for encoding the recipients?  This, of
course, doesn't eliminate the meta-data leak and it can lead to false
positives (= gratuitious passphrase prompts / smartcard prompts), but
it should reduce the metadata leak a fair amount, I think.  Thoughts?

There was an extension at one point where you use the string 0x00...00
for the keyID and that forced you to test all your secret keys.  There
are certainly times where that is warranted; there are other times where
it is not.

I wasn't at the meeting (in person or virtually) so I'm not sure I
completely understand what the use-case is where the above solution
doesn't work?

Thanks,

:) Neal

-derek
-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread] Current Thread [Next in Thread>