On Wed, 30 Jan 2019 13:20:01 +0100, Philipp Klaus Krause wrote: > There has been plenty of research on email security and the need for > encryption is well-known. > > However, I wonder if there has been any research on mail security. Of > course, one could just put a GPG-encrypted letter in an ordinary > envelope, but there are more common measures that are meant to give some > additional security over the standard mail. I wonder how well those work. > > Are there any good textbooks, etc?
Interesting topic, which i am interested in as well. I started, as German citizen, to use also epost Brief and De-Mail a while ago, when communicating sometimes with friends, because i like those paid services much more than the classical email PGP combo. (Does anyone know why GnuPG does not support stealth mode, like old versions of PGP had, to make it harder for procmail?) > There are a few aspects I can think of (but there is probably more): > * Patterns printed on the inside of envelopers. These are meant gainst > the use of light to read the contents of an unopened enveloper. How > strong are these in the face of image recognition? Did someone study > such patters? Maybe an additional layer of household aluminium foil should work fine. > * Tamper-proof enevelopes, meant to make it hard to open an envelope > unnoticed. How well do these work? Does it even make snsne to put much > effort into them, as an attacker could use a new envelope (though there > might be some difficulties involved to get or fake the right postmark)? > * There seems to be some literature on the security of wax seals (e.g. > "Licet ad regimen", published in 1198 - does anyone know of a German, > French or English translation). Services which do such things may have international stamps in stock, just in case ... About traditional wax seals, i could imagine a silicone mold would be enough to fake such a seal successfully. But now i have a question, if you don't mind. Prior sending an encrypted letter, have you thought about a proper ASCII armor also, because when i did tests in the past i found only codegroup suitable, but even FOSS OCR software can not detect hundert percent codegroup letters. Maybe one needs to use a special font ... https://www.fourmilab.ch/codegroup/ Regards Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
