Re: [openpgp] signed/encrypted emails vs unsigned/unencrypted headers

[Ximin Luo <infinity0@gmx.com>]

On 16/07/13 11:01, Werner Koch wrote:
> On Tue, 16 Jul 2013 10:28, infinity0@gmx.com said:
> 
>> Could you take a guess on why this feature is not used more? I haven't seen any
> 
> The first question should be, why OpenPGP is not used more.  The subject
> fulfills an important task: It allows to quickly sort and order
> messages.  An encrypted subject would require that you decrypt all
> messages even if you are not interested in them.  Further, support for
> arbitrary nested MIME structures seems to be broken in some MUAs.
> 

I think those are separate questions. :p

Your argument about "would require decrypt" is not tight; it applies equally to the message contents ("you can't search yada"). This is a trade-security-for-convenience approach, which is asking for trouble even if you can't explicitly think of an attack.

For maximum security, all headers that have end-to-end semantics should be added to the signed part of the message, and only the subset of these that are actually necessary for email to work correctly, should be sent in the clear.

For example, one could imagine an attack where you have 1000 messages in a thread with 10 people, then you could infer from the plaintext References: headers, a prediction on which of these 10 people are closely connected with each other. You can attack the plaintext To: header as I described in a previous post, and perhaps you can similarly attack the Subject: header even though right now it *seems* unimportant. A future application may use email transport in a novel way and treat the Subject: header to have much more valuable semantic meaning that affects application logic, wrongly assuming that PGP sign+encrypt is "secure" in that area.

X
 
> 
> Salam-Shalom,
> 
>    Werner
> 
> 
> p.s.
> What I do is to use a nonsense subject line for encrypted messages.  This
> helps to remember the context of a mail thread while not revealing the
> content of the conversation.
> 
」