ietf-openpgp

Re: [openpgp] Message padding in OpenPGP

2019-09-25 09:33:06
Justus Winter <justuswinter(_at_)gmail(_dot_)com> writes:

On Tue, Sep 24, 2019 at 11:00 PM Jon Callas <joncallas(_at_)icloud(_dot_)com> wrote:
Am I correct in understanding that you're proposing adding in decoy
traffic to pad out compressed data to its uncompressed length?

No.  I'm proposing not to compress the data at all, and then add some
padding data according to some policy.  The compression container is
only a means to add the padding within the constraints of the current
ecosystem.

If I'm missing something, what problem are you trying to solve with this?

There is a correlation between the size of the encrypted message and
the size of the plaintext.  On first sight, compression helps with
that, but that makes the size dependent on the entropy of the
plaintext, which also leads to problems as discussed previously.
Padding alleviates this problem, the tradeoff being an increased
message size.

Why not just have multiple literal packets inside the encryption?  I.e.:

  ENC{ Lit1{realData} | Lit2{pad} }

Note, of course, that this could provide a covert channel which could
leak other data, theoretically.

Cheers,
Justus

-derek
-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant
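
The `ENC{ Lit1{realData} | Lit2{pad} }` layout from the message above, as an added example that is not code from the thread or from any OpenPGP implementation: it serializes the two literal packets (the plaintext that would then be encrypted) so that the total length lands on a size bucket, and parses them back. The power-of-two policy, the zero-filled pad and all function names are assumptions; the post does not say whether receivers accept a second literal packet.

```python
import struct

LITERAL_TAG = 11  # Literal Data packet, RFC 4880 section 5.9

def new_length(n):
    """Body length in new-format encoding (RFC 4880 section 4.2.2)."""
    if n < 192:
        return bytes([n])
    if n < 8384:
        return bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return b"\xff" + struct.pack(">I", n)

def literal_packet(data):
    """Binary literal: format 'b', empty file name, zero date, then data."""
    body = b"b\x00" + b"\x00" * 4 + data
    return bytes([0xC0 | LITERAL_TAG]) + new_length(len(body)) + body

def padded_plaintext(real_data, floor=256):
    """Lit1{realData} | Lit2{pad}; total is a power of two (assumed policy)."""
    lit1 = literal_packet(real_data)
    target = floor
    while True:
        room = target - len(lit1)
        for hdr in (1, 2, 5):             # candidate length-field sizes
            pad_len = room - 1 - hdr - 6  # tag + length + literal header
            if pad_len >= 0 and len(new_length(6 + pad_len)) == hdr:
                # All-zero pad: a receiver can verify Lit2 carries no data.
                return lit1 + literal_packet(b"\x00" * pad_len)
        target *= 2  # no single pad packet fits exactly; use next bucket

def split_literals(plaintext):
    """Return the data of each literal packet in the sequence."""
    out, i = [], 0
    while i < len(plaintext):
        if plaintext[i] != 0xC0 | LITERAL_TAG:
            raise ValueError("not a new-format literal packet")
        first = plaintext[i + 1]
        if first < 192:
            n, i = first, i + 2
        elif first < 224:
            n, i = ((first - 192) << 8) + plaintext[i + 2] + 192, i + 3
        elif first == 255:
            n, i = struct.unpack(">I", plaintext[i + 2:i + 6])[0], i + 6
        else:
            raise ValueError("partial body lengths not handled here")
        name_len = plaintext[i + 1]
        out.append(plaintext[i + 6 + name_len:i + n])
        i += n
    return out
```

A receiver applying this layout would take the first element of `split_literals()` as the message and check that the second is all zero bytes.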
