Re: Future OpenPGP Support in Thunderbird

2019-10-11 Thread Philipp Klaus Krause 
Am 11.10.19 um 20:15 schrieb Phillip Susi:

> Why the heck don't they just run gpg the way enigmail did?
> 

They don't want users to require to install gpg first. And they don't
want to ship gpg with Windows installers, since it isn't MPL.

Philipp



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Future OpenPGP Support in Thunderbird

2019-10-08 Thread Philipp Klaus Krause 
While having OpenPGP support directly in Thunderbird is probably a good
thing, I found it convenient to just use the gpg kerys for Email
encryption and signing (and conversely, being able to just use keys
imported via Enigmail to encrypt files using gpg).
It would be really nice, if Thunderbird could add an option to use the
gpg key storage instead of its own, but so far the developers want to
always  keep the Thunderbird key storage separately (thoug they are
considering functionality to import keys from gpg to Thunderbird):

https://wiki.mozilla.org/Thunderbird:OpenPGP:2020

Philipp



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

[OT] Where can I find some papers to read on mail (and envelope) security?

2019-01-30 Thread Philipp Klaus Krause 
There has been plenty of research on email security and the need for
encryption is well-known.

However, I wonder if there has been any research on mail security. Of
course, one could just put a GPG-encrypted letter in an ordinary
envelope, but there are more common measures that are meant to give some
additional security over the standard mail. I wonder how well those work.

Are there any good textbooks, etc?

There are a few aspects I can think of (but there is probably more):
* Patterns printed on the inside of envelopers. These are meant gainst
the use of light to read the contents of an unopened enveloper. How
strong are these in the face of image recognition? Did someone study
such patters?
* Tamper-proof enevelopes, meant to make it hard to open an envelope
unnoticed. How well do these work? Does it even make snsne to put much
effort into them, as an attacker could use a new envelope (though there
might be some difficulties involved to get or fake the right postmark)?
* There seems to be some literature on the security of wax seals (e.g.
"Licet ad regimen", published in 1198 - does anyone know of a German,
French or English translation).

Philipp


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: STM32F103 flash ROM read-out service

2018-06-06 Thread Philipp Klaus Krause 
Am 05.06.2018 um 02:37 schrieb NIIBE Yutaka:
> Hello,
> 
> While learning Chinese language, I found this service (in Chinese):
> 
> http://www.pcbcopy.com/2016/ic_1128/1928.html
> 
> IIUC, It's a company in ShenZhen, which offers a service reading out
> from protected STM32F103, even if it uses anti-tamper feature with a
> battery.
> 
> I was aware of similar services for PIC18 or ATmega (in different
> country).  This is new for me, specifically for STM32F103.
> 
> I don't know the detail of this service, but it seems that it's not that
> expensive (from not-confirmed information by my friend).
> 
> Well, I encourage Gnuk users to new use KDF-DO feature with newer GnuPG.
> 

See https://www.aisec.fraunhofer.de/en/FirmwareProtection.html for some
research on breaking STM32 readout protection published in January.

Philipp



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: A postmortem on Efail

2018-05-20 Thread Philipp Klaus Krause 
Am 20.05.2018 um 08:26 schrieb Robert J. Hansen:
> Writing just for myself -- not for GnuPG and not for Enigmail and
> definitely not for my employer -- I put together a postmortem on Efail.
> You may find it worth reading.  You may also not.  Your mileage will
> probably vary.  :)
> 
> https://medium.com/@cipherpunk/efail-a-postmortem-4bef2cea4c08

I don't think breaking backwards-compability is an all-or-nothing question.

IMO, it is important to still be able to decrypt old data. On the other
hand one wants sane, secure use with current data.
The functionality needed to decrpyt old files should still be there.
Possibly hidden behind some new option, if that helps security for
typical users.

If my mail client will no longer be able to display some old encrypted
message, that's ok. But I should be still able to read that message by
invoking GPG from the command-line with suitable options.

Philipp

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: New smart card / token alternative

2017-11-07 Thread Philipp Klaus Krause 
Am 06.11.2017 um 23:26 schrieb ved...@nym.hush.com:
> 
> 
> On 11/6/2017 at 4:55 PM, "Tim Steiner"  wrote:
> 
> \We have been working on a project to build a direct interface for
> PGP/GPG usage using U2F for web apps and browser extensions. This is
> similar to existing smart cards and tokens but no software install is
> required.
> 
> We set out to solve this problem -"Man, I really wish I could read
> this PGP message, or send this message, or open this file, or sign
> this file, but I don't have my laptop with me"
> 
> With this solution you can keep the key offline, carry it with you
> and it works even on a computer where you can't install software -
> https://www.kickstarter.com/projects/1048259057/onlykey-quantum-future-ready-encryption-for-everyo
>
>  We are interested to hear feedback on this approach from the
> community.
> 
> =
> 
> Using this on anything except your own computer, or laptop, is
> problematic, as the 'host' computer can have a key-logger or screen
> capturer, and copy the decrypted plaintext, or the plaintext to be
> encrypted.

I have often been insituations, where I had access to a friend's
computer, and you trust the friend and their computer skills enough to
handle a message on their computer.

A typical scenario might even be a sending a signed message where the
contents are intentionally known to that friend.

While I tend to carry my laptop with me often, not everyone does.

Philipp

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 10.09.2013 15:30, schrieb Robert J. Hansen:
 On 9/10/2013 6:35 AM, Philipp Klaus Krause wrote:
 I wonder if it would be a good idea to have an option to combine
  symmetric ciphers, e.g. users could state a preference list
 like this:
 
 No.  This idea gets floated every few years and the answers never 
 change.  It's not a good idea.  If you look in the list archives
 you can find some pretty long, detailed writeups on why.

I just tried googling a bit, but the only posts I found are those that
assume that the effort to break A+B would be a+b. I did not find the
detailed writeups you mentoned, or even anything else about the
assumption that breaking A+B takes at least effort max(a,b).

 Assuming it takes effort a to break cipher A and effort b to
 break cipher b, this should result in effort at least max(a, b)
 needed to break A+B.
 
 Basically, though, it's this is a naive and unfounded
 assumption.

Well, here's a (rough, and maybe naive) explanation of why I assumed
that the effort is at least max(a, b):

First, I assume assume that the effort for breaking anything so is
much more than the effort for encryption given the key, that the
latter is negligible.

So assume there is an attack on A+B. that allows to break A+B with
effort e less than max(a,b). That means that at least one of e  a or
e  b is true.
Case 1: e  a: Well, whenever someone is using A, we can just encrypt
the ciphertext using B with a key of our choice. Any attack on A+B
thus immediately translates into an attack on A, contradicting the
assmption e  a. The attack on A would be of the same type as the one
on A+B.
Case 2: e  b:
Hmm, this one seems harder. If I have an attack on A+B that yields
information about the key, I can get a chosen-ciphertext attack on B
from it.
An attack on A+B that yields information about the plaintext could be
combined with an attack on A that yields information on the key to get
an attack on B that yields information on the plaintext.
If A happens to have a weak key, I would get an attack on B that
yields information on the plaintext as well. Any way I should get an
interesting result of the type b  a + e. I think there is a stronger
result possible here, but I admit don't know how I could get there.

Philipp


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxP5wACgkQbtUV+xsoLpoIaACg8KWSjlIToJb40MzI4r+b1nT9
ySAAn0zbo5hbMReGpCycThO6Cy4BAg1H
=gNuW
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: 2048 or 4096 for new keys? aka defaults vs. Debian

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 27.10.2013 19:47, schrieb Peter Lebbing:
 On 27/10/13 19:09, Filip M. Nowak wrote:
 1) Specialized microcontrollers with crypto capabilities are
 available and used for years now (AVR XMEGA which is 8 bit for
 example)
 
 AVR XMEGA has DES and AES, no asymmetric acceleration. Also, I
 think the market of XMEGA is phenomenally tiny compared to regular
 AVR/PIC (personally, I would go to ARM if megaAVR isn't enough).
 
 Are there 8-bit microcontrollers with RSA acceleration?

Well, some, such as the Rabbit families have support for
arbitrary-length multiplication that AFAIK was included mostly to make
RSA implementations faster.

Philipp

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxQZMACgkQbtUV+xsoLprZ9wCgnfkIFzpByEwHkfC4BdZ+kEw5
3PgAmQGQ2XukmQwonj+OXmSq0EgYALGt
=VoHH
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 10.09.2013 13:45, schrieb Werner Koch:
 You would also need a second public keypair to protect the second 
 symmetric key.  If you don't, the attacker would target the public
 key scheme directly - ah well that is in any case the lower hanging
 fruit.

I wouldn't assme that: RSA is something taught in typical maths and
computer science curriculums at universities. Factorization is a
well-known problem.
Symmetric ciphers, on the other hand are for specialists.
So I would assume that RSA got much more attention and eyes looking at
it than any symmetric cipher.

Philipp

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxPIAACgkQbtUV+xsoLpqAAACg9OF7Wa+MsoIbyEpcEqruFpgT
rkUAniJ6U2sZExDoo/iFa4A1W4XXobaw
=wl/M
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 30.10.2013 18:39, schrieb Robert J. Hansen:
 Well, here's a (rough, and maybe naive) explanation of why I
 assumed that the effort is at least max(a, b):
 
 If you first encrypt with ROT10 and then with ROT16, the final
 strength is not the maximum of (ROT10, ROT16).  You may think
 that's a silly example, and I grant that it is, but it illuminates
 the point pretty well and avoids a lot of difficult math.

But ROT10 and ROT16 fail the condition that breaking them should be
substancially harder than applying them.

Philipp

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxUOwACgkQbtUV+xsoLpp/SQCgxg0xSXLXEzpazQ3TwhXv82JC
HNcAnAsmU5WL/naU9LbBAY4GdrtRyoo/
=euUP
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 10.09.2013 12:35, schrieb Philipp Klaus Krause:
 I wonder if it would be a good idea to have an option to combine 
 symmetric ciphers, e.g. users could state a preference list like
 this:
 
 TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES
 
 The meaning of A+B would be to encrypt using A first, and then
 encrypt the result using B with a different key. Assuming it takes
 effort a to break cipher A and effort b to break cipher b, this
 should result in effort at least max(a, b) needed to break A+B. And
 with uncertainity about possible weaknesses in individual ciphers,
 this seems like a reasonable measure to me.
 
 Philipp

If we have plenty of randomness available, we could do this a
different way:
XOR the message M with a random one-time pad P to obtain N. Encrypt P
with A, and N with B.
The drawback is that this doubles the lenth of the message.

Philipp
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxXTEACgkQbtUV+xsoLpqEhwCgnb7/AFx3b8q6a/sFPfPSt4NG
8SYAn3DgDL2BXYAwdfdcTSl+tBDJ/Jwt
=Hsq+
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Is there a known good way to combine multiple symmetric ciphers into
something that is at least as strong as the weakest of them?

Philipp

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxiSkACgkQbtUV+xsoLprSJQCfSXdZW2CmWFz6+CCpRNT3nBLK
El4An1psE3eEeYZU36f9Z+YXuYQBSwvD
=fsr4
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 30.10.2013 23:33, schrieb Philipp Klaus Krause:
 Is there a known good way to combine multiple symmetric ciphers
 into something that is at least as strong as the weakest of them?
 
 Philipp
 

This should have been ... as the strongest of them?.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxjlkACgkQbtUV+xsoLpoWVwCeN21t5LI39J9Fz4JcJfJp85fh
CXQAoITjUB4H/LTVPN5yS7UlVfrgUjP7
=7eRd
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 30.10.2013 23:51, schrieb Bob (Robert) Cavanaugh:
 I guess I lost track of the initial purpose of this thread. Why do 
 you want this if you can only achieve the same cryptographic
 strength as one of the ciphers? What problem are you solving?

There are multiple symmetric ciphers. Any one of them might already
have been broken by an adversary, but I assume that there are many
among them that are not broken. I do not know which ones are which.

So, if I have ciphers A, B and C, and a way to combine them into one
symmetric cpher that is at least as strong as the strongest among
them, I could use this combined cipher for somewhat secure
communication as long as at least one of A, B, C is not broken, even
if I do not know which ones are broken.

Philipp
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlJxjsMACgkQbtUV+xsoLpoM7ACfUWEYet6vVgtQH4PDJQmYIbBP
i78AoIyoDEdCSzbzHTXUicuaxlwsWaD3
=5hUv
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Sign key and export for each UID

2013-09-18 Thread Philipp Klaus Krause 
Am 17.09.2013 02:09, schrieb Doug Barton:
 On 09/16/2013 03:02 PM, Philipp Klaus Krause wrote:
 | Unfortunately, tools for signing keys with multiple UIDs IMO are not
 | user-friendly enough, tpically due to the following:
 |
 | 1) They require the user to be familiar with the command-line,
 | 2) They require the user to run a unixoid OS,
 | 3) They require the user to have configured mail for their OS.
 
 I would argue that this is true regardless of the number of uids on a
 key. I do use PGP with Windows, but I also use the command line there. I
 do not know of any software that has a competent GUI that does
 everything I would want it to do, or even a reasonable subset of it. I
 would find it interesting to be proven wrong however. :)

Well, IMO enigmail does a somewaht resonable job for single-uid keys,
since users can in the GUI right-click and select to sign a key (and the
GUI lets them select the level of verification using radio boxes
selecting from textual descriptions, instead of asking for a number,
like pius does). And then they can right-click and select to send the
public key.
This is not optimal, as it requires two steps, and requires filling in
the receivers email address manually. While I don't use Windows, AFAIK,
this works the same on Windows as on other systems. It only requires
mail to be configured in the mail client (which every user that runs a
mail client has done), as opposed to the OS level.

Philipp




signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Sign key and export for each UID

2013-09-17 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 17.09.2013 08:23, schrieb atair:
 On 9/16/13, Doug Barton do...@dougbarton.us wrote:
 The way that your signer did it is _a_ standard way to do it.
 CAFF is a very popular program for that, and there is another
 here that is also pretty good:
 http://www.phildev.net/pius/news.shtml
 Is there a way to achieve the same signatures from gpg command
 line? For example $ gpg -a --export uid exports the complete key
 and not just the signature. However, I understand the gpg-man pages
 in a way that it's possible to do a $ gpg -u my_keyid --edit-key
 other's_keyid
 sign other's_first_uid sign other's_second_uid ... q
 Is that true? How could I export the created signature for each
 step? (sth like an -a --export file but from interactive mode
 seems not to be present...)

See section Multiple-UID keys on
http://www.phildev.net/pgp/gpgsigning.html
wich was written by the author of pius.

 
 BTW: I'm on GNU/Linux for some years now and I'd never use Windows
 again ;) So personally, I don't care whether these tools exist for
 Windows or not...
 

Independent of me using Windows or not, I still want Windows users to
be able to sign my keys.

Philipp


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlI3/UkACgkQbtUV+xsoLppMYwCgsc13iE9hUcoBxNjX2OZ7cxhs
l1sAniaDiK6XVfYEhwFaOjt2Ly0GEjXX
=63e/
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Sign key and export for each UID

2013-09-16 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Am 16.09.2013 23:18, schrieb Ingo Klöcker:
 On Monday 16 September 2013 11:57:04 Doug Barton wrote:
 The way that your signer did it is _a_ standard way to do it.
 CAFF is a very popular program for that, and there is another
 here that is also pretty good:
 http://www.phildev.net/pius/news.shtml
 
 I have another philosophy that works for me because I prefer not
 to sign uids that are not valid. I send encrypted e-mail to each
 uid with a pseudo-random string and ask the person to send me
 back the string in a signed message. That allows me to determine
 if the person has control of all 3 elements of the uid; the
 e-mail address, private, and public keys.
 
 CAFF (and apparently also PIUS) achieve same: A signed UID is sent
  encrypted to the UID's email address. The signature on the UID can
 only be retrieved by a person who controls the email address and
 the private key. What do you mean by having control of the public
 key? How does your workflow verify that the person has control of
 the public key? AFAICS the public key is not needed for anything in
 your workflow.

Unfortunately, tools for signing keys with multiple UIDs IMO are not
user-friendly enough, tpically due to the following:

1) They require the user to be familiar with the command-line,
2) They require the user to run a unixoid OS,
3) They require the user to have configured mail for their OS.

IMO, until the functionality to sign keys with multiple UIDs and send
each signature to the associated UID gets integrated into mailclients
or their plugins, keys with multiple UIDs should not be used.

Philipp

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlI3f+IACgkQbtUV+xsoLpqOiQCfd101zScXpxbkM09fw6H8j71f
in4AnRWnG3YdXewXoZ5UxnLmFfWXWQRx
=l165
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

The symmetric ciphers

2013-09-10 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I wonder if it would be a good idea to have an option to combine
symmetric ciphers, e.g. users could state a preference list like this:

TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES

The meaning of A+B would be to encrypt using A first, and then encrypt
the result using B with a different key. Assuming it takes effort a to
break cipher A and effort b to break cipher b, this should result in
effort at least max(a, b) needed to break A+B. And with uncertainity
about possible weaknesses in individual ciphers, this seems like a
reasonable measure to me.

Philipp
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlIu9f8ACgkQbtUV+xsoLpr7hgCglipmlV07D+wh0ylVgs+7MX1E
d+wAnREuQlhGEEg6IbcHXRb+L/d/hIBS
=T5GL
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Should the use of multiple UID per key be discouraged?

2013-09-10 Thread Philipp Klaus Krause 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

GPG supports the feature of having multiple UIDs per key.
However this requires special care of anyone signing such a key.
AFAIK, there is no really user-friendly, and definitely no
newbie-friendly way to do so. IMO this makes it much harder to expand
the web of trust.
Would it be a good idea to discourage people from having multiple UIDs
per key, and encourage them to create a separate key per UID instead?

Philipp
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iEYEARECAAYFAlIvbIYACgkQbtUV+xsoLpqLAQCgnwIrB/E/Q1tcCyG8GvjvWcOX
vU8AoOElrV2BTmFg3P33dLCwvgH7H6p5
=iAg1
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: key management APG

2013-08-04 Thread Philipp Klaus Krause 
Am 03.08.2013 14:51, schrieb Hauke Laging:
 Am Sa 03.08.2013, 12:16:56 schrieb ix4...@gmail.com:
 
 On 30 July 2013 22:30, ix4...@gmail.com wrote:
 
 I only need one GPG identity for now. I also use GPG on devices of two
 classes: Secure and insecure. I would like to take some operational
 security (OPSEC) precautions to minimize my pain when my insecure devices
 get compromised.
 
 You should consider using two keys for the same identity and very obviously 
 give them different security levels.  IMHO that's what we all are going to do 
 in five years.
 
 Then the sender can decide how confidential the information is (or how 
 reliable the signature must be).

You mean creating two separate keys for the same email address? And sign
each with the other?
Anyone else will have to sign both of my keys for this address?
How would I document the security levels? Use the comment field? Will
current software make the choice easy for the people sending mail to me,
or will their mail program just choose one of the keys without asking
the user?

Philipp


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-26 Thread Philipp Klaus Krause 
Am 25.07.2013 07:49, schrieb Christopher J. Walters:
 On 7/24/2013 6:06 PM, Robert J. Hansen wrote:
 (My original reply went just to Philipp.  My apologies.)
 
 No apology necessary.
 
 I also must apologize, as my original reply got sent to Robert J.
 Hansen, when it was intended for the list.
 
 On 7/24/2013 1:53 AM, Philipp Klaus Krause wrote:

 Unfortunately, this is not casting very much light on things.  The use
 of phrases like CONFIDENTIAL, SECRET and TOP SECRET have very specific
 meanings in NATO countries, and you're using them here in ways that are
 at odds with their NATO meanings.
 
 This is true, and NATO countries have very specific and well defined
 ways of dealing with data with those titles, depending on the country.
 
 Let me try this rephrasing:
 
 [snip]
 
 Further, each piece of traffic can receive any of three classifications:
 C, S or TS.  You can send C traffic to Bender: the necessary keys to
 decrypt it are held there.  However, although you can technically send
 TS traffic to Fry, Fry can't decrypt it: the keys aren't there.

 If I have this right, then you've walked straight into the Bell-LaPadula
 security model.  You'll be well-served by reading up on it: a good
 academic reference will answer many of your questions.
 
 I'll have to look that up and read up on it, when I have the time.
 
 The short answer is, OpenPGP by itself will not be sufficient for your
 purposes.  It might be able to provide a couple of tools, but what you
 want to achieve is far beyond the scope of OpenPGP.
 
 That was my conclusion, as well.  That is why I suggested the bootable
 GNU/Linux or *BSD Live CD  (with some vital tools on it, of course) and
 a USB thumb drive - with an encrypted filesystem for storing the keys
 (I'm not familiar with the smart card's capabilities, and as every smart
 card reader I have is non-functional, I cannot test it out).
 
 My suggestion went beyond OpenPGP and GnuPG to try to solve the problem
 Philipp described.

Sorry, but I want to be able to read encrypted mail sent to my
university email address on my university computer. Without any extra
effort of booting from a live-cd or such.

Philipp



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-24 Thread Philipp Klaus Krause 
Am 24.07.2013 08:35, schrieb Heinz Diehl:
 On 24.07.2013, Philipp Klaus Krause wrote: 
 
 I do not trust the computer at university with the secret key used to
 decrypt my private mail.
 []
 
 Still, I want  to be able to read any encrypted mail sent to my
 unversity addresses on the computer at university. And I want to use
 encryption, since the mails might contain sensitive information, such as
 exams, grades, etc (and the mail servers are maintained by students).
 
 You can't have security on a machine which is out of your control. If
 others have physical access to your machine at university, what you
 want isn't possible. They could simply install a keylogger or other
 monitoring.

I just want multiple security levels: Decrypt mail addressed to the
university address, but not mail addressed to my private address on the
university computer. Decrypt both types of mail on my private computer.
After all the security I want works when using two separate keypairs
(but that has the disadvantage of other people having to sign multiple
keys).

Philipp


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-24 Thread Philipp Klaus Krause 
Am 24.07.2013 15:18, schrieb Mark H. Wood:
 On Wed, Jul 24, 2013 at 11:33:18AM +0200, Philipp Klaus Krause wrote:
 I just want multiple security levels: Decrypt mail addressed to the
 university address, but not mail addressed to my private address on the
 university computer. Decrypt both types of mail on my private computer.
 After all the security I want works when using two separate keypairs
 (but that has the disadvantage of other people having to sign multiple
 keys).
 
 Um, wait...what does other people signing your keys have to do with
 you decrypting mail?  Authentication and privacy are two different
 dimensions of communication security.


Uh, AFAIK with GPG, I have a keypair. Other people sign it, so people
who see the signature can trust that it is mine. So the private key I
use to decrypt should correspond to a public key signed by other people.
How else would others know that the key they use to encrypt is mine, and
assume that only I can decrypt it?

Philipp

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-23 Thread Philipp Klaus Krause 
I'm currently using 4 email addresses - 1 for private mail, 1 for a
small business, and 2 for university. Currently I have three keys - one
for the private mail, one for the business, and one for unversity. Each
of the keys has been signed with all keys.

Of course it is annoying to have to ask everyone to sign three keys -
after all they are all my keys, and the people I ask to sign my key all
get to see the same passport. Is there a better alternative?

I do not consider my university computer safe enough to trust it with
the private key for my private mail. I.e. I do not want someone who
breaks into the university office and installs a keylogger to be able to
read encrypted mail sent to my private account.

Philipp

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-23 Thread Philipp Klaus Krause 
Am 23.07.2013 21:04, schrieb Heinz Diehl:
 On 23.07.2013, Philipp Klaus Krause wrote: 
 
 Of course it is annoying to have to ask everyone to sign three keys -
 after all they are all my keys, and the people I ask to sign my key all
 get to see the same passport. Is there a better alternative?
 
 Create/use one key, and add all the different addresses.
  
 I do not consider my university computer safe enough to trust it with
 the private key for my private mail.
 
 In this case, why should anybody else trust in the integrity of your
 identity? If you don't trust this machine, revoke the key and don't do
 anything confidential on/with it.
 
 

That's not a practical solution. I want to be able to read encrypted
mail sent to my university addresses on that machine.

Philipp



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-23 Thread Philipp Klaus Krause 
Am 23.07.2013 23:22, schrieb Max Parmer:

 
 Sounds like you might want an offline master key with a couple UIDs and
 several subkeys.
 

But can I have multiple encryption subkeys, with encryption subkeys
associated with UIDs? I though one subkey per UID only works for signing.

 Also if I didn't trust a system enough to use any secret key on it I
 probably also would not want to expose decrypted messages to that
 system, presuming the messages you receive have sensitive/important
 information in them.
 
 Something to consider if you really have cause to not trust that
 computer might be setting up a dedicated, air-gapped system for
 encryption/decryption.

I do not trust the computer at university with the secret key used to
decrypt my private mail. I did set up that computer myself, but we have
burglars breaking into the offices every few years, many people have
keys to the office, etc.

Still, I want  to be able to read any encrypted mail sent to my
unversity addresses on the computer at university. And I want to use
encryption, since the mails might contain sensitive information, such as
exams, grades, etc (and the mail servers are maintained by students).

Philipp


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-23 Thread Philipp Klaus Krause 
Am 23.07.2013 23:22, schrieb Max Parmer:

 
 Sounds like you might want an offline master key with a couple UIDs and
 several subkeys.
 

But can I have multiple encryption subkeys, with encryption subkeys
associated with UIDs? I one subkey per UID only works for signing.

 Also if I didn't trust a system enough to use any secret key on it I
 probably also would not want to expose decrypted messages to that
 system, presuming the messages you receive have sensitive/important
 information in them.
 
 Something to consider if you really have cause to not trust that
 computer might be setting up a dedicated, air-gapped system for
 encryption/decryption.

I do not trust the computer at university with the secret key used to
decrypt my private mail. I did set up that computer myself, but we have
burglars breaking into the offices every few years, many people have
keys to the office, etc.

Still, I want  to be able to read any encrypted mail sent to my
unversity addresses on the computer at university. And I want to use
encryption, since the mails might contain sensitive information, such as
exams, grades, etc (and the mail servers are maintained by students).

Philipp


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

2013-07-23 Thread Philipp Klaus Krause 
Hmm, since everyone seems to think He doesn't consider the unviersity
computer secure enough for something, so he shouldn't consider it secure
enough for anything, it seems I'm failing and communicating what I want
to do. Maybe having a look at the following scenario will help:

I have three computers, a smartphone named CONFIDENTIAL, a desktop in my
office named SECRET, and one in the underground shelter with armed
guards and the dog that needs to be fed the right type of meat to let me
through named TOPSECRET.
I have email addresses confidential@me, secret@me and topsecret@me.
People sending confidential mail will send to confidential@me, and
expect a reply within a short timeframe, so I need to be able to decrpyt
and read the mail on CONFIDENTIAL. On SECRET, I want to read mail sent
to confidential@me and secret@me. People that value security over timely
processing will send mail to topsecret@me. On TOPSECRET I want to be
able to decrypt mail sent to confidential@me, secret@me and opsecret@me.
Nothing that happens to computer CONFIDENTAIL may allow other people to
read mail sent to  secret@me or topsecret@me. Nothing that happens to
SECRET may allow other people to read mail sent totopsecret@me.

I can handle this scenario by having three keypairs, one for each of the
email addresses. But this would require everyone to sign all three of
these keys. Is there a way to handle this secnario, such that people
only have to sign one key?

Philipp


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users