ietf-openpgp

Re: [openpgp] Mining protection in fingerprint schemes

2016-04-08 03:45:55
Or it's the exact opposite, every Internet protocol is expected to 
defend against every theoretically imaginable scenario, which means 
they have to defend against literally [0] everything.

There are three basic states a defender can be in: "of course I'm not
being surveilled", "maybe I'm being surveilled", and "of course I'm
being surveilled".  You want people to stay in the first category at all
costs: they speak more freely and with fewer safeguards.  You want to
keep people out of the latter category at all costs: they speak only
what's strictly necessary and use extreme countermeasures.  This leads
to the attacker's first rule: don't be seen.

Bryan's idea violates this.  Okay, so you forge a collision on some
of the digits... but you have absolutely no idea which digits the
defender will check.  Or, for that matter, if three days later the
defender will look at the business card and say "hey, that's not right".
Or... etc.  This is such a high-visibility attack, with such a risk of
putting a defender into an aware and alert posture, that I have trouble
imagining a halfway competent attacker who would ever want to use this.
It's a complete roll of the dice, with extreme consequences for failure.
