Quote from: nomodeset on July 21, 2012, 12:10 pmLet's assume that the server is compromised by DEA and each message can be viewed and stored for a long time (why using encryption otherwise?)Now let's suggest that DEA is not retarded and, having intercepted the letter, assumes that it came from SR. Knowing what is inside, i.e. the weight of the drug, its quantity etc, it looks on SR for the vendor who sells the same. Then, knowing address written on the letter, it attempts to encrypt it with the vendor's public key - the simplest form of attack (for more detail: https://en.wikipedia.org/wiki/Chosen-plaintext_attack) Looking at the encrypted messages intercepted earlier, it attempts to compare the encrypted by them message with the stored ones. If the only address was encrypted and sent, then bingo! They tracked you back to your SR account. All that they have to do is to sit and wait till you order anything else.tl;dr: adding a random string to the plain text messages that could be guessed easily is always good.That won't work. The encrypted output, even when encrypting to the same key or keys, is never the same. Even when cutting the public keys out of the equation and using symmetric encryption only on the same data with the same passphrase two (or more) different times won't produce identical output.