Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: devel

No Hidden-Recipient support in GPGME?

  

 
GnuPG devel RSS feed   Index | Next | Previous | View Threaded


buanzo at buanzo

Aug 27, 2008, 1:08 PM

Post #1 of 10 (277 views)
Permalink
No Hidden-Recipient support in GPGME?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi!

I wonder... will hidden-recipient support be implemented into GPGME... ever?

Thanks!

- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFItbRSAlpOsGhXcE0RCuy+AJwI/lgYqiVx46utAUxQAVIjkjo6PgCfftES
XhHnbC6sJrbdsHDbH4zk0FU=
=9qug
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


wk at gnupg

Aug 28, 2008, 12:59 AM

Post #2 of 10 (261 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
On Wed, 27 Aug 2008 22:08, buanzo[at]buanzo.com.ar said:

> I wonder... will hidden-recipient support be implemented into GPGME... ever?

That would require a new feature in gpgme to mark a key as hidden. Due
to the reference counting we use with key objects we would at least need
a deep copy operation for keys and a function to set such a flag.

Do you really think that this is required?

What we could add far easier is an encryption flags which sets the
--throw-keyid option of gpg and thus all recipients would be hidden.



Salam-Shalom,

Werner


--
Linux-Kongress 2008 + Hamburg + October 7-10 + www.linux-kongress.org

Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.


_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


buanzo at buanzo

Aug 28, 2008, 5:26 AM

Post #3 of 10 (261 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Werner Koch wrote:
> What we could add far easier is an encryption flags which sets the
> --throw-keyid option of gpg and thus all recipients would be hidden.

That would work too! Jacob Appelbaum and I are working on the Web-of-Trust solution to the OpenPGP
for HTTP Bootstrapping issue, and we discovered that --throw-keyids would be great as a simple
counter-measure against traffic analysis.

Yours,

- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFItpmTAlpOsGhXcE0RCpauAJ0Vy7pE3rTMu+7ztTjD0ZyOj1blrQCfU0J1
Oe50kVIcdplmF0XKsWuESto=
=xhxu
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


wk at gnupg

Aug 28, 2008, 5:48 AM

Post #4 of 10 (258 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
On Thu, 28 Aug 2008 14:26, buanzo[at]buanzo.com.ar said:

> for HTTP Bootstrapping issue, and we discovered that --throw-keyids would be great as a simple
> counter-measure against traffic analysis.

But is has the drawback of making decryption slow if you have several
secret keys. It needs to do trial decryptiopn for all of them. With
just one encryption key in your secring, it does not matter of course.


Shalom-Salam,

Werner

--
Linux-Kongress 2008 + Hamburg + October 7-10 + www.linux-kongress.org

Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.


_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


buanzo at buanzo

Aug 28, 2008, 5:53 AM

Post #5 of 10 (261 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Werner Koch wrote:
> But is has the drawback of making decryption slow if you have several
> secret keys. It needs to do trial decryptiopn for all of them. With
> just one encryption key in your secring, it does not matter of course.

That's true. We'll point that out in the RFC. Thanks WK!

- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFItp/IAlpOsGhXcE0RCn5bAJ0VLRXOZsGNPcqGPku18GxT7ZEVkQCfe+1H
IJft62VXBLglbqyRtOgfmv0=
=96sh
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


dshaw at jabberwocky

Aug 28, 2008, 5:59 AM

Post #6 of 10 (258 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
On Aug 28, 2008, at 8:26 AM, Arturo 'Buanzo' Busleiman wrote:

> Werner Koch wrote:
>> What we could add far easier is an encryption flags which sets the
>> --throw-keyid option of gpg and thus all recipients would be hidden.
>
> That would work too! Jacob Appelbaum and I are working on the Web-of-
> Trust solution to the OpenPGP
> for HTTP Bootstrapping issue, and we discovered that --throw-keyids
> would be great as a simple
> counter-measure against traffic analysis.

Emphasis on 'simple', though. Hidden keyids do work, but read http://www.imc.org/ietf-openpgp/mail-archive/msg10923.html
for one potential gotcha and workaround.

David

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


bernhard at intevation

Sep 1, 2008, 5:27 AM

Post #7 of 10 (239 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
On Thursday 28 August 2008 14:59, David Shaw wrote:
> On Aug 28, 2008, at 8:26 AM, Arturo 'Buanzo' Busleiman wrote:
> > Werner Koch wrote:
> >> What we could add far easier is an encryption flags which sets the
> >> --throw-keyid option of gpg and thus all recipients would be hidden.
> >
> > That would work too! Jacob Appelbaum and I are working on the Web-of-
> > Trust solution to the OpenPGP
> > for HTTP Bootstrapping issue, and we discovered that --throw-keyids  
> > would be great as a simple
> > counter-measure against traffic analysis.
>
> Emphasis on 'simple', though.  Hidden keyids do work, but read
> http://www.imc.org/ietf-openpgp/mail-archive/msg10923.html for one
> potential gotcha and workaround.

To me understanding, using a blind carbon copy on emails requires
the email application to send out several versions of the email:
1) encrypted to all visible recipients
n invisible recipients*) encrypted to all visible recipients and one out of n
invisible.

Bernhard

--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Attachments: smime.p7s (1.57 KB)


dshaw at jabberwocky

Sep 1, 2008, 7:35 AM

Post #8 of 10 (242 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
On Sep 1, 2008, at 8:27 AM, Bernhard Reiter wrote:

> On Thursday 28 August 2008 14:59, David Shaw wrote:
>> On Aug 28, 2008, at 8:26 AM, Arturo 'Buanzo' Busleiman wrote:
>>> Werner Koch wrote:
>>>> What we could add far easier is an encryption flags which sets the
>>>> --throw-keyid option of gpg and thus all recipients would be
>>>> hidden.
>>>
>>> That would work too! Jacob Appelbaum and I are working on the Web-
>>> of-
>>> Trust solution to the OpenPGP
>>> for HTTP Bootstrapping issue, and we discovered that --throw-keyids
>>> would be great as a simple
>>> counter-measure against traffic analysis.
>>
>> Emphasis on 'simple', though. Hidden keyids do work, but read
>> http://www.imc.org/ietf-openpgp/mail-archive/msg10923.html for one
>> potential gotcha and workaround.
>
> To me understanding, using a blind carbon copy on emails requires
> the email application to send out several versions of the email:
> 1) encrypted to all visible recipients
> n invisible recipients*) encrypted to all visible recipients and one
> out of n
> invisible.

Exactly. This can be difficult for those mail programs that allow the
MTA to handle all addressing, since it involves sending a message to
user "b" (an encrypted + hidden user), but with "a" (an unencrypted
users) in the To: list.

David

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


bernhard at intevation

Sep 2, 2008, 5:35 AM

Post #9 of 10 (234 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
On Monday 01 September 2008 16:35, David Shaw wrote:
> > To me understanding, using a blind carbon copy on emails requires
> > the email application to send out several versions of the email:
> > 1) encrypted to all visible recipients
> > n invisible recipients*) encrypted to all visible recipients and one  
> > out of n
> > invisible.
>
> Exactly.  This can be difficult for those mail programs that allow the  
> MTA to handle all addressing, since it involves sending a message to  
> user "b" (an encrypted + hidden user), but with "a" (an unencrypted  
> users) in the To: list.

Are there settings where this is common?
Usually the MTA would act on the envelope, not the data which includes
the visible "To:".

Bernhard

--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner


dshaw at jabberwocky

Sep 2, 2008, 6:29 AM

Post #10 of 10 (236 views)
Permalink
Re: No Hidden-Recipient support in GPGME? [In reply to]
On Sep 2, 2008, at 8:35 AM, Bernhard Reiter wrote:

> On Monday 01 September 2008 16:35, David Shaw wrote:
>>> To me understanding, using a blind carbon copy on emails requires
>>> the email application to send out several versions of the email:
>>> 1) encrypted to all visible recipients
>>> n invisible recipients*) encrypted to all visible recipients and one
>>> out of n
>>> invisible.
>>
>> Exactly. This can be difficult for those mail programs that allow
>> the
>> MTA to handle all addressing, since it involves sending a message to
>> user "b" (an encrypted + hidden user), but with "a" (an unencrypted
>> users) in the To: list.
>
> Are there settings where this is common?
> Usually the MTA would act on the envelope, not the data which includes
> the visible "To:".

It's becoming less common over the years as programs have either a
SMTP stub to talk to a smarthost, or at least call command line
programs with some more finesse, but many programs did the equivalent
of passing a whole message to "sendmail -t" and letting sendmail work
out the details. That's fine in most cases, but would be a problem
here.

David

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

GnuPG devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.