Silk Road forums
Discussion => Newbie discussion => Topic started by: lsdizzle on May 24, 2013, 08:02 pm
-
If the way SR and TOR is set up allows people to intercept the messages without being able to discover the origin or destination, then PGP is only useful for encrypting messages whose contents are intelligible on their own. Wouldn't splitting a message into three parts have much the same effect?
-
I'm not quite sure what you mean...
PGP is used so that when you encrypt a message with another person's public key, they are the only ones who can decrypt it-they use their private key to do so.
So I'm not exactly sure what you mean by "Wouldn't splitting a message into three parts have much the same effect?" I assume if you encrypted a message, then took that message and sent it in 3 different parts, the recipient would have to compile each part into one in order to decrypt the message which just seems like a ridiculous process....
Is that what you're asking?
I apologize, I'm a bit confused.
-
I may have phrased it confusingly. What I meant was that the point of encrypting messages is so that whomever may be able to intercept them will not be able to decipher them without knowing the public key of the sender. Since intercepting messages on SR would leave the interceptor unaware of the sender's identity as well as the receiver's identity, if the message (like an address) were to be split up over 3 messages instead of being sent as one, then that would make the message indecipherable, as they couldn't connect the consecutive messages with each other. The obvious exception being self-contained ideas being contained in each message. But only writing partial sentences before starting a new message in the same chain could be its own form of encryption because it would be quite difficult to parse them back together. And if used in conjunction with PGP, by sending it in three parts, that would be even better.
After all, if LE had access to your account, for example, under some RIPA bullshit, they'd probably already know your public key, because you have to share it with other people for it to have a purpose. So obviously, PGP is aimed at external security threats.
-
I think you don't exactly understand the mechanism behind PGP.. If you needed the public key to decrypt a PGP encrypted message it wouldn't be secure at all! PGP works by encrypting your message with the public key, and decrypting it with a private key, both keys being completely different.
Also, you can know the origin of the messages, key IDs are usually in the messages unless you write "throw-heyids" in gpg.conf (open it with notepad). Check Pine's thread on how to use PGP anonymously for more accurate info!
-
very confusing op and response...are you trying to suggest a better method than pgp or what?
I thought PGP was so your not sending your address around in plain text, I am new and the first to say I may be wrong but I always imagined 2 scenarios where pgp would be crucial.
You place and order, encrypt your address and send it to the vendor.
Scenario 1, if by chance someone can intercept the order you place, like if you or the vendor were using an onion.to address (not suppose too) then someone may be able to intercept what you send. So if you've encrypted your address then its safe.
Scenario 2, If someone gets access to the vendors account (LE, phishing, rogue SR admin?) before the order is placed in transit, then they can see your order and your address so if its encrypted then your is address safe.
Now if key loggers are involved or your computer is compromised in way that lets the attacker see everything, record everything then I imagine even with pgp or not, everyone is screwed.