dave%snowgoose@uunet.uu.net ( Dave Stoffel ) (12/06/90)
I am interested in what can be done to secure mail from being read
"en route". Has this topic been discussed before and is it of interest
to this group?
I suppose a sufficiently compute intensive public key crypto method
would do the job. If the requirements were less general, i.e., party A
and party B have exchanged keys outside of the mail channel, then
crypt < plain | uuencode ....... | uudecode | crypt > plain
would work.
Dave uunet!snowgoose!dave dave%snowgoose@uunet.uu.netkessler@hacketorium.Eng.Sun.COM (Tom &) (12/11/90)
You might want to look into the Privacy Enhanced Mail (PEM) experiment which is proceeding on the internet. The protocols and procedures are published in RFC's 1113 - 1115. As a gross oversimplification the basic idea is that an RSA based algorithm is used to encrypt a des key which is used to encrypt the message or can be used as a "digital signature". The solutions provided for distributing keys would need some work to function in a non-internet environment. Unfortunately RSA and the related algorithms that are "usefull" for this application are patented (I'm no crypto expert but I've been led to believe that this is true). Anyway if you want more information you can get the RFC's or send mail to pem-info@tis.com --Tom Kessler