lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 27 May 2006 12:01:59 -0700
From: John Pettitt <jpp@...udview.com>
To: jon@....com
Cc: bugtraq@...urityfocus.com
Subject: Re: On the Recent PGP and Truecrypt Posting


jon@....com wrote:
> [snip]
>
> Simply put, if you change the passphrase on a PGP Virtual Disk, or a Truecrypt volume, or anything else, it does not change the passphrase on backups of that data. If you restore the data from the backup, the passphrase on the restored file is not the passphrase on the changed one.
>
>   
Ignoring the issue of how things were published ....

I think the underlying point is that many users, not understanding the
difference between the bulk key used to encrypt the data and the
passphrase used to protect that bulk key would assume, incorrectly that
changing the passphrase would lock out prior users.

Clearly a users with a backup copy of an encrypted disk for which they
know the passphrase can use the technique described to decode a more
recent image of the same encrypted disk even though the owner of the
disk may think it safe because the passphrase was changed.   In this
situation the old user gain access to newer data that they were not
supposed to be able to access.    This is different from the described
restored backup situation in that the user is using a partial restore to
circumvent a security mechanism.

The re-encyrpt button obviously defeats this attack however it's not
clear that real world users actually understand the need to re-encrypt
to make pass phrase changes meaningful when backup copies exist.   I
think this is mostly a documentation issue and perhaps a user interface
design issue in that users should be strongly advised to re-encrypt when
they change the passphrase.

John

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ