Gnupg good for big groups?

Robert J. Hansen rjh at sixdemonbag.org
Wed Aug 4 19:57:57 CEST 2010


On 8/4/10 1:35 PM, MFPA wrote:
> PGPNET messages are encrypted to the keys of all current members.
> Before you joined and after you left, they do not encrypt to your key.

It is also worth noting that PGPNET has some very big problems with key
management.  PGPNET users are apparently comfortable wrestling with
these problems (more power to them for that), but we shouldn't pretend
the problems don't exist.

In a completely connected graph of N nodes there are (N^2 - N)/2
different edges.  Or, in English, 40 members equals 780 separate
communications links, each one of which can fail and produce problems
for other people.  The network begins to get spammed with "that last
message wasn't encrypted to my new key, please re-send."  The network
slowly begins to drown with communications overhead: key
synchronization, resend requests, failure notifications, etc.  PGPNET is
probably operating pretty close to the limits of OpenPGP.  At some point
the math bites you hard and doesn't let go.

A couple of years ago at USENIX Dan Wallach of Rice University talked
about his difficulties getting 30 Ph.Ds in computer science to all
communicate on an OpenPGP-encrypted mailing list.  His precise phrasing
was, "it was the torment of the damned."
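
The scaling argument in the message above, as an added illustration (not part of the original post and not PGPNET's own tooling): a toy model in which every member keeps a local keyring and a message encrypted to a stale key costs one resend request. The member names, key ids, and the assumption that a member abandons the old key on rotation are constructed for the example.

```python
from itertools import combinations


def pairwise_links(n):
    """Edges in a complete graph of n members: (n^2 - n) / 2."""
    return (n * n - n) // 2


class Group:
    """Toy model: each member holds a keyring mapping member -> key id believed current."""

    def __init__(self, names):
        # Constructed key ids; everyone starts fully synchronized.
        self.current = {name: f"{name}-key1" for name in names}
        self.keyring = {name: dict(self.current) for name in names}

    def rotate(self, member, synced_to=()):
        """member issues a new key; only the peers in synced_to import it."""
        generation = int(self.current[member].rsplit("key", 1)[1]) + 1
        new = f"{member}-key{generation}"
        self.current[member] = new
        self.keyring[member][member] = new
        for peer in synced_to:
            self.keyring[peer][member] = new

    def send(self, sender):
        """Encrypt to every key in sender's keyring; return recipients left with a stale copy."""
        ring = self.keyring[sender]
        return sorted(r for r in ring if r != sender and ring[r] != self.current[r])

    def stale_links(self):
        """Member pairs where at least one side holds the other's old key."""
        return [(a, b) for a, b in combinations(sorted(self.current), 2)
                if self.keyring[a][b] != self.current[b]
                or self.keyring[b][a] != self.current[a]]

    def resend_requests(self):
        """Resend requests generated if every member posts one message."""
        return sum(len(self.send(s)) for s in self.current)


if __name__ == "__main__":
    names = [f"m{i:02d}" for i in range(40)]
    g = Group(names)
    g.rotate("m00", synced_to=names[1:31])  # 9 peers miss the update
    g.rotate("m01")                          # nobody imports this one
    print(pairwise_links(40), len(g.stale_links()), g.resend_requests())
```

With 40 members, two rotations that are not fully propagated already leave 48 of the 780 links stale, and one round of posting produces 48 resend requests.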


