Possible Feature Request (was Re: Security Concerns)

David Shaw dshaw@jabberwocky.com
Tue Nov 5 19:54:02 2002


On Tue, Nov 05, 2002 at 10:01:40AM +0000, MindFuq wrote:
> * MindFuq <mindfuq@comcast.net> [2002-11-03 21:27]:
> > 
> > By clearsigning, you're not revealing anything about your private key,
> > other than who the owner is.  ie. I can intercept and copy your
> > signature, paste it into the window at www.pgpdump.net, and it will
> > reveal the keyID of the public key needed to verify it.  I could then
> > look on the key servers and find out that the key belongs to you, and
> > thus, verify the message came from you.
> > 
> > So the only danger would be if you needed to send a message to someone
> > anonymously (maybe using an anonymous remailer) so that no
> > evesdroppers could know your identity, but such that the receiver
> > needed to verify your identity.  In this case, it would not work.  You
> > would have to encrypt your signature w/in the message.  If you
> > clearsign an anonymously remailed message, then anyone who has your
> > public key or anyone who can retrieve it from a keyserver can verify
> > that you sent the message.
> 
> I came accross the --throw-keyid switch today.  It's an interesting
> switch, in that it withholds the keyid of the receiver from the
> encrypted packets.  As a test, I tried clearsigning to see if it would
> withhold my keyid from the signature.  
> 
> Didn't happen.  But wouldn't that be an interesting feature?  It would
> protect a sender in the traffic analysis case described above.  The
> receiver would either have to know who the message belongs to, or try
> all the public keys on their keyring.. but at least traffic analyzers
> would have one less peice of information.

Not really.  The keyid in a signature packet is really just there for
the convenience of the receiving program.  Since the public key can
effectively point to the key owner, and (by definition) the public key
is public, you don't gain anything by hiding the keyid.

The only true way to avoid announcing that you've signed something is
to keep your public key private (or as private as possible).

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson