On Tuesday 22 March 2011, David Shaw wrote: > On Mar 21, 2011, at 12:13 PM, Jerome Baum wrote: > > Hauke Laging <mailinglis...@hauke-laging.de> writes: > >> You know that. And the archive of this mailinglist now knows that > >> you have once claimed to do that. So one may assume that the only > >> recipient is you but that is not a strong technical conclusion > >> from the message itself. > > > > When I throw-keyids, what's actually left over? Would there be > > any way to match the keys from several messages, besides key size > > and type? Also if one (size, type) appears in all messages, I'd > > say the conclusion that I'm using encrypt-to-self is pretty safe. > > In addition to the size and type information, there is also an > interesting attack that can be done against speculative key IDs. It > doesn't (directly) help a third party know who the recipients are, > but it does let any recipient try to confirm a guess as to who > another recipient might be. > > Let's say you encrypt a message to Alice and Baker and hide the key > IDs. Alice gets the message and knows there is one other recipient > aside from herself. She considers who the message came from and > what the message was about and makes an educated guess that the > other recipient is Baker. To confirm her guess, all Alice needs to > do send a specially rigged speculative key ID message to Baker. If > Baker responds, then Alice knows he was the other recipient. > > Throw-keyids has some good usages (posting a message for pickup in a > public place, for example), but it's just a tool. It's important > not to rely solely on it.
Exactly. The obvious solution to this problem would be to send n copies of the message to the n recipients each time encrypted to exactly one recipient. In fact, that's exactly what KMail does for all BCC'd recipients of an encrypted message. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users