I am not a GnuPG developer; they may disagree with me or outright say "hey, sure, we'll support it". That said, I think that what I'm saying here is in rough accordance with their vision of the GnuPG project. If I am wrong, I'm sure they'll correct me. :)
Mark E. Wunderlich wrote:

> I would like gpg to be able, when using symmetric ciphers, to produce
> `anonymous' output -- that is, output such that one cannot be sure
> that gpg produced it, or that a given passphrase does not
> successfully decode it.

This means going beyond the OpenPGP spec. OpenPGP has a very specific format for symmetrically encrypted documents. If you want something that is not OpenPGP-conformant, you probably need to go elsewhere.

> I would like to be able to do this so that, for example, I could run
> gpg repeatedly, and someone who was decoding the data would not know
> whether he was on the right track.

Unless you're encrypting large blocks of random noise, I don't see how this is possible. Even if GnuPG itself doesn't tell me "nope, that key didn't decrypt the message successfully," I could figure it out myself from how the output is statistically indistinguishable from random noise. See, e.g.:

http://www.schneier.com/crypto-gram-9812.html#plaintext

> I also might want to combine gpg with another approach, e.g., XOR-ing
> the target file against another file.

Unless you have a graduate degree in mathematics and a background in breaking ciphers, this is probably a spectacularly bad idea. Cipher design is a fabulously black art; even the acknowledged geniuses of the field screw it up more often than not. Anyone can make a cipher they themselves cannot break. It requires a great deal of study and trial and error and just blind luck to make a cipher that nobody can break.

> Again, the idea would be that `anonymizing' gpg's output would make
> it more difficult for someone to untangle such combined approaches

Yes, because double ROT-13 is more difficult to read than single ROT-13. There is a very large corpus of knowledge about cipher composition; which ways tend to increase the strength of a system, and which only diminish it. It is far, far, far easier to diminish the strength of a system. The likelihood of an ad-hoc method improving overall security is vanishingly small. Almost zero.

> the general idea is that the ability to produce `anonymous' output
> would make gpg a more flexible part of a larger toolkit.

GnuPG is not 'part of a larger toolkit'. GnuPG and its associated libraries provide an implementation of RFC2440, and is slowly growing to cover a couple of other RFCs (S/MIME, etc.). That's all, nothing else.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
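The point made above, that a correct decryption gives itself away through the statistics of its output even when the tool stays silent, as an added example that is not part of this message or of GnuPG: a toy SHA-256 counter-mode keystream stands in for the real symmetric cipher (an assumption; OpenPGP's packet format is not modelled), the sample message is constructed, and a byte-frequency test tells candidate plaintext from the noise a wrong passphrase produces.

```python
import hashlib
import math
from collections import Counter

# Constructed sample plaintext, a stand-in for a real message.
SAMPLE_TEXT = (
    b"Meeting moved to Thursday at ten. Bring the quarterly figures and the "
    b"draft contract; legal wants another pass before we send it out. "
) * 40  # a few KB, enough for the byte histogram to be meaningful


def keystream(passphrase: str, length: int) -> bytes:
    """Toy keystream: SHA-256 in counter mode. Only a stand-in for a real
    cipher (assumption), used to make the point about recognising plaintext."""
    out = bytearray()
    for counter in range(0, length, 32):
        block = passphrase.encode() + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
    return bytes(out[:length])


def xor_crypt(data: bytes, passphrase: str) -> bytes:
    """Encrypt or decrypt (XOR is its own inverse) with the toy keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(passphrase, len(data))))


def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; uniform random data approaches 8.0."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def chi_square_vs_uniform(data: bytes) -> float:
    """Chi-square of the byte histogram against a flat 256-value distribution
    (255 degrees of freedom, so random data scores around 255)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def looks_like_plaintext(data: bytes) -> bool:
    # Loose cutoffs: text sits far below 7.5 bits/byte and far above
    # chi-square 400; uniform random bytes sit on the other side of both.
    return byte_entropy(data) < 7.5 or chi_square_vs_uniform(data) > 400


def decryption_succeeded(ciphertext: bytes, passphrase: str) -> bool:
    """What the message argues: no error message is needed to know whether a
    passphrase was right, the output's own statistics say so."""
    return looks_like_plaintext(xor_crypt(ciphertext, passphrase))
```

A wrong passphrase yields plaintext XOR two unrelated keystreams, which is indistinguishable from noise by this test, while the right one restores the skewed byte histogram of text.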