[wilhelmtux-discussion] crypto and mail

Alex Schroeder alex at gnu.org
Son Mar 16 11:14:42 CET 2003 

"Claude Almansi" <claude.almansi at bluewin.ch> writes:

> I am very interested in the encryption solution, now that after
> April 1st, Swiss ISP's will have to save all messages for 6 months
> (and our browsing tracks).  From the article by François Pillet at
> Largeur.com, I understodod they wouldn't even be saving web e-mail,
> though.

Yes, that means they can only work like the columbian mafia when
tracking down traitors with encrypted cell phones.  It is called
"traffic analysis" -- eventhough you don't know *what* the person
says, you know *when* the person talks, and *whom* the person
contacts.

In this particular case, therefore, encryption is not going to help.
When the police has something equivalent to a search-warrant, then
actually I am not opposed to them reading mail.  Then it works just as
with snail mail -- when the court orders it, the police can open it.
What I oppose is that citizens are treated as potential criminals
before having committed a crime ("Rasterfahndung").

This also happens when you make normal phone calls.  A certain number
of these calls (esp. if you call somebody outside of Switzerland) is
recorded.  It seems that when you say certain words, even, your calls
will be recorded.  So when I call my girlfriend we often start by
saying Kalachnikov, and then go to greet the secret service, before we
tell each other about the last days.  This way, we spread some love to
those who need it most.  ;)

Anyway, one real solution would be to just forwards spam to "random"
email accounts all over the place.  When you *send* a lot of mail, you
generate lots of traffic, and it gets more difficult to track the
"ham" in the "spam".  The other would be to use various SMTP servers
to send your mails from -- but usually ISPs only allow their own
people to send mail, and other SMTP servers have relaying disabled in
order to prevent spammers from doing exactly that.

In short, encryption is only useful if you know that traffic analysis
makes no sense -- either because they are surveiling you already (and
then crypto will not work for long -- they'll just catch you anyway),
or because you send lots and lots of innocent stuff encrypted as well
(but nobody I know uses crypto for trivial mail).  As you can see,
crypto is not the be-all-end-all of secret communication.

If you really have to transmit secret messages, you have to hide that
you are sending secret messages in the first place.

One such possibility is to use stego -- hide messages within other
messages.  For example, start sending pictures to your friends.  From
time to time, use stego to hide messages within these pictures.  Be
careful, however, since detecting stego is a hot research topic, so
you are in the middle of an arms-race, if you go down that way.

You can, of course, switch to plain text stego.  Send your friends
passages of the bible, and hide messages in the text by adding a few
keywords here and there.  This is extremely difficult to get right,
and it imposes the additional problem that you have to communicate to
your partners, how the message is hidden.

Alex.