If the Private Key is not in always in your possession, either smart
card or something else, a digital signature in this instance is worth
nothing as is any audit trail, that is unsigned itself. I would be
extremely skeptical of the situation described here. Whether PGP, DES,
IDEA, etc. it makes no difference. Also, an ISP really has no proof of
who you really are either so why would anyone accept the validity of the
keys generated?? There are holes that could be argued all day including
what information is sent over an unsecure link to and from the ISP.
Back to Lurk mode.
Lonn
Frank Willoughby wrote:
>
> Verily, at 04:39 AM 3/9/90 +0000, warpy <warpy @
null .
net> did write:
>
> >My current ISP provides pgp to its users from their shell accounts. I am
> >curious to know how secure this is in fact. From what i've read it's
> >damned near impossible to crack pgp without access to the secret key
> >generated at startup (i think... feel free to correct me), but if you
> >generate a key in shell (at the isp), they will have axs to both your
> >public and secret keys. With access to both of these how easy would it be
> >then to mount an attack against a document/file/program encrypted with
> >that specific key? I'm interested in any figures anyone has regarding such
> >the feasibility/time involved in such an attempt.
>
> The following is based on the information you have provided so far.
> Whether the ISP's network, physical, & operating system security are
> secure enough matters little at this point.
>
> While I applaud the ISP's interest in security, my personal opinion
> is that the use of PGP Keys at the ISP would tend to give one a false
> sense of security and potentially be a major liability for all those
> who avail themselves of this service.
>
> For me, the issue of someone else reading your mail is a minor issue
> - compared with thought of someone else maliciously using *your* PGP
> keys to generate a document, digitally sign it, and send it on its
> way - causing you intense grief.
>
> Digitally signed documents are considered to be legally binding and
> admissable in court as evidence. If someone (ISP employee, or someone
> who attacked and )gained root access to the system where your PGP Keys
> are stored they can: read your mails, and create new mails, sign them,
> and send them out - committing you (legally) to whatever is contained
> in the contents of the mail.
>
> Using PGP keys on an unsecured system is roughly analagous to giving
> everyone on the entire planet a Blanket Power of Attorney over you.
>
> Take a deep breath & think about the ramifications of the last sentence.
>
> I would *STRONGLY* recommend that you not use PGP Keys at the ISP
>
> >Many of you will simply say do not use it from the isp, and i agree with
> >you. However i'm really more interested in how easy pgp can be cracked
> >(if at all) with just the public key, as compared to both public and
> >private.
> >
>
> Assuming that the O/S is not bullet-proof, then the list of people who
> can obtain your PGP Keys (and create signed documents) is limited to
> those (wild-eyed guess) people who have the knowledge & potential to
> obtain root on that system (probably a couple of hundred thousand).
> Once there, they would only have to log your keystrokes to obtain your
> password to the keys. (Why crack the key when keystroke monitoring
> will get you the same results more quickly?) As the key files are
> stored locally, one only needs to copy the files elsewhere & forge
> the headers (trivial task).
>
> If the O/S is bullet-proof (a true rarity), then the people who can
> obtain your keys is limited to those who work at the ISP (and their
> friends). 8^)
>
> >I ask the stupid question about whether pgp can be cracked with access to
> >the public key alone because a contact of mine spoke to a leading
> >cryptologist (Dr. Vlad Rosgova) who pointed out that all code can be
> >broken. Is it then feasible that pgp could be cracked given the public key
> >alone (i don't care about the billions of years required just whether it's
> >possible), or whether it is essential to have the secret key?
>
> No question is stupid. The problem in the scenario you mentioned in your
> mail is that an attacker doesn't have just the public key. The attacker
> has *BOTH* keys - a rather horrifying thought.
>
> >Warpy
> >
> >--------------------------------------------------
> >"Stronger crypto makes the world a safer place..."
> >http://suburbia.com.au/~warpy
> >Email: warpy @
sekurity .
org or warpy @
null .
net
> >--------------------------------------------------
>
> Again, I would STRONGLY recommend that you not use any PGP Keys
> which are stored at an ISP (particularly if you are planning on
> signing documents).
>
> Best Regards,
>
> Frank
> The opinions of the author of this mail may not necessarily be
> representative of the opinions of Fortifed Networks, Inc.
>
> Fortified Networks, Inc. - http://www.fortified.com/
> Expert (vendor-neutral) Computer and Network Security Consulting
> Phone: (317) 573-0800 Fax: (317) 573-0817
--
________________________________________________________
"It's a dirty job, but somebody's gotta do it."
- John Wayne
References:
|
|
