SECURITY: Logistics of paranoia.

Alex Future Bokov (alexboko@umich.edu)
Fri, 5 Jun 1998 11:05:14 -0400 (EDT)


-----BEGIN PGP SIGNED MESSAGE-----

Let's say James Bond and Austin Powers want to correspond about
secret stuff. Obviously, they would exchange keys signed by trusted
parties and go at it. However, what if there are no trusted parties, and a
face to face meeting is too risky/expensive? They could each create a new
key-pair not associated with their normal identities and correspond
through two-way anonymous remailers, thus neither knowing whom they're
talking to but at least knowing it's the same entity each time. If one of
them is captured or subverted, they still won't be able to give away the
identity of the other. Can anyone see any vulnerabilities in this plan
whatsoever?
Now, supposing they want to bring Maxwell Smart into their
organization. He joins under the same terms as they: anonymity,
encryption, digital signatures on everything. Can anyone spot any
vulnerabilities at this point?

--Sincerely, Alex F. Bokov

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBpAwUBNXgJLJvUJaRNHMexAQFMngKaAgHiAuIYDlaPtfaR9MV5cGnS2HG1tteT
Ebg6FKLhTkzuH1CBzeXYLlILlkwNzRkTFSLHOUmByk3TiQu2Q1vYx/eYRB1pgOs1
wgaMQO66n/QMUZPW
=jWBi
-----END PGP SIGNATURE-----