[cryptography] Email encryption for the wider public

Henry Augustus Chamberlain henryaugustuschamberlain at gmail.com
Wed Sep 17 15:19:40 EDT 2014


I think maybe I didn't make the bit about private keys very clear:
we're talking about proper randomly-generated private keys, just in
PGP. I was just suggesting that since you have to walk around with a
private key file, at least it gives you an excuse to get rid of
passwords, and just authenticate with the server using the private
key.

On 17/09/2014, Ryan Carboni <ryacko at gmail.com> wrote:
> The majority of people are no more capable of GnuPG than understanding why
> RAM can't be solely used on a computer.
>
> GnuPG has some weird defaults that are difficult to change as well without
> some command line commands.
>
> Ultimately your system will have a major flaw: passwords are typically have
> low entropy, and anyone with the same password will read the same mail
> unless you concatenate a salt the user has to remember.
>
>
> The ideal system would be to use Tor in conjunction with guerrillamail. Or
> to use a preshared key with a block cipher, and hide the encryption (since
> evidently you want to avert the attention of the NSA to be encrypting in
> the first place) using steganography.
>


More information about the cryptography mailing list