lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <optid.478152674f.58DB1B68E62B9F448DF1A276B0886DF12DB5BAF5@EX2010.hammerofgod.com>
Date: Mon, 14 Jun 2010 21:40:30 +0000
From: "Thor (Hammer of God)" <Thor@...merofgod.com>
To: Nid <nidfulldisc@...glemail.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Introducing TGP...

Hey Nid - 

> -----Original Message-----
> From: Nid [mailto:nidfulldisc@...glemail.com]
> Sent: Monday, June 14, 2010 11:18 AM
> To: Thor (Hammer of God)
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Introducing TGP...
> 
> Hi Timothy
> >
> > TGP - "Thor's Godly Privacy"
> >
> > 06/13/10 v1.1.06
> >
> First of all you should keep in mind, that base64 raises the size of your data
> by 33%.

Yep.  I'm fine with that.  One can always zip the data. 

> posting big files especially on mailing lists might offend the other users of the
> list. specially if you see the headline of lsi's answer.
> there your message is marked as spam. Also assuming to have a lot of people
> behaving like this would result in moderated lists.
> BTW why not storing your data on rented space?

Of course - all that goes without saying (well, I guess not ;)  - I was just using that as an example.  Mailing list, facebook, blog, whatever.  Of course there will be some places where that won't be appropriate, but that much should be obvious.  We could use Google cache for that matter...  The point was the portability options one has in a public environment; let's not get bogged down into things like "spam" - that takes the focus off the real point.


> 
> The next issue is that you can not trust private keys which are published on
> the internet with respect to signatures. These keys could have been cracked.
> Using such a key only for yourself to have data on the internet seems also
> not to make sense. It could be better placed on a private machine where you
> have controled access to for example with VPN or ssh.

Well, that's the whole point.  In TGP, I use AES256 bit encryption based on what should be a strong passphrase in combination with a salt to protect the private key.  To crack that private key, you would have to brute force the entire keyspace, which is currently not technically feasible, or have a custom-made rainbow table with also is not technically feasible for my 20 character passphrase and salt.   If you are going to "trust" encryption, then the key's integrity should be acceptable.  But, if you don't want to publish it, then don't.  Problem solved.  Please don't misunderstand my statements - I'm not saying one has to do that.  I'm saying that one *could* do that if you wanted to.  I could post 20 different private keys around the world in different places if I wanted to, but only use the one *I* know is used.  There are a million ways of doing it.  However, I think you are missing the logic that if your private key could really be cracked, and thus I could get the key 
 required to asymmetrically decrypt the key used to symmetrically decrypt the CryptoBlob, then I would not bother with the key at all and just crack the crypto blob.   Further, if one could just "crack" the key, then one would just "crack" the VPN encryption or SSL encryption and get your private key that you had controlled access to.  If I have to pick a locked cased to get to a key that opens another case, I'd just pick the lock on the other case.  Why looking at encrypted data as something that has to be further protected -- just make sure the encryption is sound in the first place.

> 
> The next point is if you would like to use the key in an internet cafe at a
> restaurant, you will not be able to trust the machine. most likely there is a
> trojan on it or a key grabber.

I wouldn't say "most likely" but that's a great point.  However, it doesn't matter if the machine is owned - I'm just copying the data off of it. Hell, I could print out my key if I wanted to and type it back into my own system.  Even better, if I'm using other people's public keys to encrypt data, it won't matter if the machine has a key logger.  I don't type passwords for people's public keys.   But like I already said - if you don't want to post it, don't.   Easy.  I actually speak to that in the part of my post direct below that you quoted... 

> 
> > Normally, you want to keep your private keys as safe as possible. This
> > is still the case with TGP. However, it is trivial to build as many
> > private keys as you wish to use for anything you want to use them for.
> > TGP Private Key files are password protected and individually salted,
> > so with a strong passphrase you have very reasonable assurance that no
> > one is going to get to your key any time soon. So, you can create a
> > private key with a strong password, post that, and then, say, encrypt
> > a scan of your passport and post that. Then if you are ever in a pinch
> > while travelling or something like that, you can simply use Google or
> > Bing to access your data wherever you are.

Thanks for the comments! 

t

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ