#17 Include PGP Comments Header

Steve Crook

Users of Type-I Pseudonyms often terminate them on the Usenet group alt.anonymous.messages. Many of these are being lost due to news servers running default Cleanfeed installations that perform 'Fuzzy MD5' to filter Excessive Multi-Posting.

Cleanfeed's Fuzzy MD5 performs the following filtering prior to hashing the message payload:
$mbody = lc $hdr{__BODY__};
$mbody =~ s/^(?!http)\S{7,70}\r?$//mg;
$mbody =~ s/\r{3}.*$//mg;
$mbody =~ s/\s+$//;
$mbody =~ s/^[^\n]*\Z//m if $lines > 5;
$mbody =~ tr/a-z0-9//cd;
This results in virtually all PGP encrypted messages having the same MD5 hash and subsequently being dropped.

During encryption, add a PGP Comments header that contains 8 blocks of 6 random a-z characters separated by a whitespace character. This will ensure that each PGP payload will generate a different Fuzzy MD5 hash.


  • Len Sassaman

    Len Sassaman - 2007-06-11

    Logged In: YES
    Originator: NO

    Cleanfeed's proceedure is the problem here, not Mixmaster's behavior. Normally I would work around someone else's broken code rather than stick to principles, but what you're asking for is a wide-open side-channel. I can't do that.

  • Len Sassaman

    Len Sassaman - 2007-06-11
    • assigned_to: nobody --> rabbi
    • status: open --> closed

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks