Hi David,
David Ross wrote:
> This leads to the question that I apparently did not clearly ask
> before: Where is the security in distributing a message that is
> encrypted for some recipients but not for all recipients?

The security is in protecting against a set
of attackers that are listening to some recipients
but not to others. It's not perfect, granted, but
it's better than nothing! (Which is the preferred option
offered by Tbird right now.)

> Indeed, the existence of both clear-text and encrypted versions of
> the same message might possibly be used to crack the private keys
> of those who receive encrypted copies. For that reason, I
> certainly would not want to be on the receiving end of any such
> distribution that had my copy of the message encrypted with my
> certificate. Yes, I know that non-symmetrical
> public-key/private-key encryption methods make cracking near
> impossible; but the task does become at least slightly easier when
> both the clear-text and encrypted versions of the same message are
> in hand.

You've answered your own question. The
threat to anyone's email from a plaintext+
ciphertext attack is non-existent in comparison
to the threat of simple eavesdropping in a
corporate environment. In fact, since the
development of strong crypto, I'm not sure
this attack has even ever succeeded in the
last 30 years, outside the rarified domains
of the NSA.
So, what is your rationale for concentrating on
an attack that is so implausible that we likely
won't see it in our lifetimes ... and not addressing
an attack that is as common as, well, corporate
policies, seeing as that's what corporate policies
state these days!
As someone said to me recently, when I was
being over-paranoid in my protocol design:
"Use the cipher, Luke!" By which he meant,
rely on its strength, then move on to protecting
other areas.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/