The Call of the Open Sidewalk

From a place slightly to the side of the more popular path

User Tools

Site Tools


Anonymous Encrypted Messages

If you want to send an anonymous message using an OpenPGP based system then you don't sign it. That is it. That is the whole thing. It is conceptually the same as omitting a signature from a paper document. Simple and intuitive

The result is that the sent message has no cryptographic proof of identity at all. Neither the intended recipient or an eavesdropper that somehow overcomes the encryption has any access to such proof. The message is truly anonymous. This is a kind of perfect deniability.

Due to the way the OpenPGP identity is structured, there are no negative effects on the security of the encryption if you chose to send an anonymous message. You can send a mixture of signed and unsigned messages to a particular recipient and each of those messages will be as private as the other.

Contrast that with systems that require signatures to protect the encryption. Such systems provide the user with no choice. Normally the best that can be done is some sort of forgeability scheme. Such schemes are inferior to the simple OpenPGP approach of omitting the signature entirely.


pgpfan/anonymous.txt ยท Last modified: 2021/05/26 00:19 by b.walzer