Re: paperkey // ? feature request

2009-02-11 Thread David Shaw

On Feb 11, 2009, at 3:00 AM, Benjamin Donnachie wrote:

> This thread reminded me of the attached...

Even more amusing (and accurate) is the ALT text you can see when you
mouse over the picture.


David


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: paperkey // ? feature request

2009-02-11 Thread Faramir

Benjamin Donnachie wrote:
> This thread reminded me of the attached...

  LOL, right... but it could be even worse... a few drops of Scopolamine
(prepared as Burundanga) in your beer, and the attacker would be able to
make you tell him your passphrases and other stuff, just by asking you
to tell that info. And an overdose would be fatal.

  Best Regards


Re: paperkey // ? feature request

2009-02-11 Thread Benjamin Donnachie
This thread reminded me of the attached...

Ben


Re: paperkey // ? feature request

2009-02-10 Thread Faramir

Robert J. Hansen wrote:
> Faramir wrote:
>> Right, but if I understood it well, he had done more than 700 calls
>> from a rechargeable prepaid card... that is not a disposable card.
> 
> That wasn't his problem.  That was, honestly, mostly irrelevant.
> 
> This was his problem: when you're trying to cover your tracks, there are
> literally hundreds, if not thousands, of ways you can screw up.  You
> have to cover up all of them.  The people hunting you only have to
> uncover one.

  Well, some time ago I realized if I were a spy, I would already be a
dead spy...

  And by the way, I already checked my USB flash drives (thanks for the
advice, David), and it's right, DataTravelers have serial numbers, and
surprisingly, Microlab devices also have serial numbers... I thought
maybe these were generic enough not to have them...

  Best Regards


Re: paperkey // ? feature request

2009-02-10 Thread Robert J. Hansen
Faramir wrote:
> Right, but if I understood it well, he had done more than 700 calls
> from a rechargeable prepaid card... that is not a disposable card.

That wasn't his problem.  That was, honestly, mostly irrelevant.

This was his problem: when you're trying to cover your tracks, there are
literally hundreds, if not thousands, of ways you can screw up.  You
have to cover up all of them.  The people hunting you only have to
uncover one.

McVeigh was also undone by the Ryder truck itself.  He thought the truck
would be destroyed in the explosion and not provide any links to him.
Within hours of the blast, though, they found one of the truck's
axles... and it still had a serial number legible on it.  They called
the axle manufacturer and found out what that axle had been put on; they
called up that truck's VIN number and tracked to whom it had been sold.
 Within a day they were serving the rental facility with a ton of
subpoenas and FBI forensic accountants.

If it hadn't been the phone card, it would've been the axle.  If it
hadn't have been the axle, it would've been the enormous ammonium
nitrate purchases he made.  If it hadn't have been the enormous ammonium
nitrate purchases, then the police would've followed up on a neighbor's
complaint about an awful diesel stink by Terry Nichols' home.  If it
hadn't... etc., etc.

There's a lesson in this for anyone who's thinking of ways to be one
step ahead of the secret police.  You'll get tripped up by things you
never thought of, or things you wrote off as being impossible.




Re: paperkey // ? feature request

2009-02-10 Thread Faramir

David Shaw wrote:
...
> and capable.  The Timothy McVeigh example from earlier is particularly
> good here: the US government really, really wanted to find him, and
> fast.  That is certainly "sufficiently motivated and capable".

  Right, but if I understood it well, he had done more than 700 calls
from a rechargeable prepaid card... that is not a disposable card... if
he had used some sort of disposable prepaid cards (the only kind that
exist here), it would have been a lot harder to track him by it...
  But, IMHO, his worst mistake was not to be smoking while he prepared
the bomb...

  Best Regards


Re: paperkey // ? feature request

2009-02-10 Thread David Shaw

On Feb 10, 2009, at 11:21 PM, Faramir wrote:

> Robert J. Hansen wrote:
>> David Shaw wrote:
>>> I don't know if I'd go so far as to call it a GUID as it is only
>>> unique relative to the vendor and device type
>>
>> Must be my luck, then -- the ones I've looked at have all had per-device
>> serial #s.
>
>  How can I check my flash drives? Unfortunately I'm using Windows XP,
> which I suppose neither of you use... I searched a bit, but couldn't
> find anything. I am talking about a USB Flash drive Kingston
> DataTraveler... it doesn't have any encryption or intelligent capability
> (other than balancing the usage of memory sectors, in order to make file
> shredders useless... I mean, in order to increase the lifespan of the
> drive).

Look for a program called "USB View".  I haven't used it myself, but
it is described as being able to print the entire USB tree.  Once
you're running it, look for the "iSerial" field.

Kingston DataTravelers do have serial numbers though.  I have one.

David




Re: paperkey // ? feature request

2009-02-10 Thread Faramir

Robert J. Hansen wrote:
> David Shaw wrote:
>> I don't know if I'd go so far as to call it a GUID as it is only
>> unique relative to the vendor and device type
> 
> Must be my luck, then -- the ones I've looked at have all had per-device
> serial #s.

  How can I check my flash drives? Unfortunately I'm using Windows XP,
which I suppose neither of you use... I searched a bit, but couldn't
find anything. I am talking about a USB Flash drive Kingston
DataTraveler... it doesn't have any encryption or intelligent capability
(other than balancing the usage of memory sectors, in order to make file
shredders useless... I mean, in order to increase the lifespan of the
drive).

  Best Regards


Re: paperkey // ? feature request

2009-02-10 Thread David Shaw

On Feb 10, 2009, at 9:51 PM, Robert J. Hansen wrote:

> David Shaw wrote:
>> I don't know if I'd go so far as to call it a GUID as it is only
>> unique relative to the vendor and device type
>
> Must be my luck, then -- the ones I've looked at have all had per-device
> serial #s.

I suspect the better-quality or brand named ones are more likely to
have real serial numbers.  The ones that I have without serial numbers
are very much "no name brand".

>> There is also no guarantee that the host computer will log the device
>> serial number (modern Linux does, but you're more likely to find some
>> flavor of Windows in an internet cafe).
>
> Yes and no, I think.  E.g., China's internet cafes are being pressured
> heavily to use the government-approved Red Flag Linux.  There's also
> been talk in the press about the Russian government pressuring internet
> cafes to give "more complete cooperation with law enforcement", which
> sounds like it could cover a whole host of badness.  On the other hand,
> you have the very lax regulatory situation of the United States, where
> that sort of pre-existing relationship is hard to imagine.

Indeed.  Of course, even if the host does log the serial number, the
log is less useful if the serial number is "FF" or the like.  Not
that the lack of a serial number really changes the equation all that
much.  There are half a dozen or more ways for someone to be traced
through an internet cafe if the person doing the tracing is
sufficiently motivated and capable.  The Timothy McVeigh example from
earlier is particularly good here: the US government really, really
wanted to find him, and fast.  That is certainly "sufficiently
motivated and capable".


David




Re: paperkey // ? feature request

2009-02-10 Thread Robert J. Hansen
David Shaw wrote:
> I don't know if I'd go so far as to call it a GUID as it is only
> unique relative to the vendor and device type

Must be my luck, then -- the ones I've looked at have all had per-device
serial #s.

> There is also no guarantee that the host computer will log the device
> serial number (modern Linux does, but you're more likely to find some
> flavor of Windows in an internet cafe).

Yes and no, I think.  E.g., China's internet cafes are being pressured
heavily to use the government-approved Red Flag Linux.  There's also
been talk in the press about the Russian government pressuring internet
cafes to give "more complete cooperation with law enforcement", which
sounds like it could cover a whole host of badness.  On the other hand,
you have the very lax regulatory situation of the United States, where
that sort of pre-existing relationship is hard to imagine.

> Do you have a cite on this recovery beyond that story?  I have not 
> heard of such a thing, and Google came up blank.  I wonder if your 
> sushi companion was pulling your leg.

I'll ask about it shortly.  It's possible I'll get an answer of "yes, I
was there, I saw it, and no, I can't talk about it," though, in which
case I can't fault anyone for incredulity.




Re: paperkey // ? feature request

2009-02-10 Thread Robert J. Hansen
David Shaw wrote:
> Not exactly: http://www.wpi.edu/News/Journal/Summer98/secured_opus.html

Thank you for the link -- I was going by my recollection of journalistic
coverage after the attack, but apparently either it or my memory was in
error.




Re: paperkey // ? feature request

2009-02-10 Thread Moritz Schulte
> the latter cannot be attacked without the keypair and the 
> passphrase,

Keep in mind that we are talking about a hybrid crypto system. Your
hidden assumption seems to be that the session key which is generated
during encryption to a public key is not worth attacking. Then, nothing
prevents you from using that session key together with a symmetric
crypto system directly.

In a way, the public-key crypto system is a layer on top of a symmetric
crypto system, which tries to solve the key distribution problem. When
you don't want to distribute keys -- and that's how I understand you --
it doesn't make much sense to use it.

mo






Re: paperkey // ? feature request

2009-02-10 Thread David Shaw

On Feb 10, 2009, at 7:25 PM, Robert J. Hansen wrote:

> Faramir wrote:
>>  IMHO, the difference is the recipients can send its public to me by
>> some way, and check the fingerprint by telephone...
>
> It's not a disposable session key if the recipients need to contact the
> sender afterwards.  If you're assuming a high threat environment, you
> kind of need to assume the sender got flipped right after sending the
> message.
>
>> But how? There is still the chance to buy things with effective, not
>> with credit or debit cards, and USB Flash Drives are cheap enough and
>> easy to find at stores to make it very hard to trace...
>
> Timothy McVeigh was tracked through his use of a prepaid calling card...
> which he paid for with cash.

Not exactly: http://www.wpi.edu/News/Journal/Summer98/secured_opus.html

But still, I can imagine several ways a USB drive can be traced - even
if it has a non-unique serial number and was paid for with cash.  Most of
them sound somewhat silly outside of a movie (which doesn't make them
impossible - just amusing).


David




Re: paperkey // ? feature request

2009-02-10 Thread David Shaw
On Tue, Feb 10, 2009 at 04:44:01PM -0500, Robert J. Hansen wrote:

> > [2] above mentioned message posted anonymously to newsgroup like 
> > comp.security.pgp.test 
> > from internet cafe, 
> > (pre-paid in cash, using new usb drive with nothing else on it)
> 
> USB tokens have GUIDs, Globally Unique Identifiers.  Computers keep
> track of what GUIDs they've seen.  If the secret police get access to
> the PC, then they know "ah, someone used GnuPG on a USB token, with a
> GUID of...", etc.  That USB token can now be connected to you.

This isn't completely true.  The USB protocol does have the concept of
a per-device serial number.  I don't know if I'd go so far as to call
it a GUID as it is only unique relative to the vendor and device type,
but in any event, it isn't always used by the manufacturer.  For
example, I have three USB drives on my desk at the moment.  One of
them has an actual (presumably unique) serial number, one has a serial
number of "", and the last has a serial number of "0".  There
is also no guarantee that the host computer will log the device serial
number (modern Linux does, but you're more likely to find some flavor
of Windows in an internet cafe).  There is also no guarantee that the
secret police will know what was run from the USB drive (the converse
is true as well, of course).

I can imagine the movie plot, though. :)

> [2] I had sushi with a colleague of the guy who recovered the crosscut
> CD-R.  They gave that task to him person specifically because of his
> severe OCD.  The guy later said it was the happiest month he'd ever
> worked: he was allowed to indulge his OCD for 16 hours a day and
> everybody left him alone.

Do you have a cite on this recovery beyond that story?  I have not
heard of such a thing, and Google came up blank.  I wonder if your
sushi companion was pulling your leg.

David
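
The serial-number point in this message, as an added example that is not from the thread: it parses descriptor text in the layout `lsusb -v` prints and reports which devices carry a serial string that could single them out. The sample input is constructed (all IDs and serials are made up), and the function names and the "placeholder" heuristic are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the layout `lsusb -v` prints; every value is made up.
SAMPLE_LSUSB = """\
Bus 001 Device 004: ID 1111:aaaa Example Corp. Flash Drive
Device Descriptor:
  idVendor           0x1111 Example Corp.
  idProduct          0xaaaa Flash Drive
  iManufacturer           1 Example
  iProduct                2 Flash Drive
  iSerial                 3 5B7A09C41D22E6F0
Bus 001 Device 005: ID 2222:bbbb
Device Descriptor:
  idVendor           0x2222
  idProduct          0xbbbb
  iManufacturer           1 Generic
  iProduct                2 Mass Storage
  iSerial                 3 0
Bus 001 Device 006: ID 2222:bbbb
Device Descriptor:
  idVendor           0x2222
  idProduct          0xbbbb
  iManufacturer           1 Generic
  iProduct                2 Mass Storage
  iSerial                 0
"""

DEVICE_RE = re.compile(
    r"^Bus (\d+) Device (\d+): ID ([0-9a-f]{4}):([0-9a-f]{4})", re.I)
# "iSerial <string index> <string>"; index 0 means the device has no serial.
SERIAL_RE = re.compile(r"^\s*iSerial\s+(\d+)(?:\s+(.*\S))?\s*$")


def parse_devices(text):
    """Return one dict per device with bus, device, vendor, product, serial."""
    devices = []
    for line in text.splitlines():
        match = DEVICE_RE.match(line)
        if match:
            devices.append({"bus": match[1], "device": match[2],
                            "vendor": match[3].lower(),
                            "product": match[4].lower(), "serial": None})
            continue
        match = SERIAL_RE.match(line)
        if match and devices and int(match[1]) != 0:
            devices[-1]["serial"] = match[2] or ""
    return devices


def classify(serial):
    """Heuristic (an assumption of this example), not a USB-defined category."""
    if not serial:
        return "none"            # no serial descriptor, or an empty string
    if len(set(serial)) == 1:
        return "placeholder"     # one repeated character, such as "0"
    return "distinct"


def identifying_keys(text):
    """(vendor, product, serial) triples that single out one device.

    The serial is only meaningful together with the vendor and product
    IDs, so the triple is the identifier a host log would need to record.
    """
    devices = parse_devices(text)
    seen = Counter((d["vendor"], d["product"], d["serial"]) for d in devices)
    return sorted(key for key, count in seen.items()
                  if count == 1 and classify(key[2]) == "distinct")


if __name__ == "__main__":
    for dev in parse_devices(SAMPLE_LSUSB):
        print(dev["bus"], dev["device"], dev["vendor"], dev["product"],
              repr(dev["serial"]), classify(dev["serial"]))
```
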



Re: paperkey // ? feature request

2009-02-10 Thread Robert J. Hansen
Faramir wrote:
>   IMHO, the difference is the recipients can send its public to me by
> some way, and check the fingerprint by telephone...

It's not a disposable session key if the recipients need to contact the
sender afterwards.  If you're assuming a high threat environment, you
kind of need to assume the sender got flipped right after sending the
message.

> But how? There is still the chance to buy things with effective, not
> with credit or debit cards, and USB Flash Drives are cheap enough and
> easy to find at stores to make it very hard to trace...

Timothy McVeigh was tracked through his use of a prepaid calling card...
which he paid for with cash.

I don't know how the FBI and ATF did it, but I'm willing to bet they've
already taught an improved version of the technique to the next
generation of agents.

> We are talking about something between 320 and 480 hours of work, the
> info on that CD must have been (or they suspected it to be) of high
> importance...

[shrugs]  Not really.  Consider the cost-benefit ratio for two common
things: military campaigns and child pornography.  Assume lab time costs
 $100/hr., which pays the DF's salary and equipment costs.  We're
looking at about $50,000 for 500 hours of work.

One soldier being grievously injured on the battlefield can cost the
Army easily $5 million in lifetime medical care.  $5 million versus
$50,000 is a 100:1 cost savings.

Consider child porn.  How much is it worth to take a child pornographer
off the street before he or she can exploit another kid?  $100,000?  2:1
cost savings.

How much is it worth to... etc., etc.

Divorce lawyers are getting into the swing of things, too.  I was once
paid to do some data recovery on a hard drive that was an issue in a
lawsuit.  The lawyer was laughing all the way to the bank: my fee paid
for itself many, _many_ times over.




Re: paperkey // ? feature request

2009-02-10 Thread Robert J. Hansen
ved...@hush.com wrote:
> but unless you choose a sufficiently long and random passphrase, 
> symmetric crypto with a passphrase string-2-key is much less
> protected than when the session key is encrypted to an unknown
> asymmetric key

The moral of the story is to (a) use the right tool for the job, and (b)
use the tool correctly.

I don't see how you can on the one hand assume that the person is going
to be technologically savvy enough to do all of this, and at the same
time dumb enough to use his mother's maiden name as a passphrase.

You may say "I'm not assuming he'll be dumb, I'm just allowing for the
possibility he will be" -- which is good, and it's a good maxim for
system design.  But making the system more complex (asymmetric crypto is
infamously complicated) in order to make the human factor simpler is a
bad tradeoff.  It's not a choice of system complexity or human
complexity.  Good protocol design reduces both; buying one at the
expense of the other is a bad idea.

> the first one that comes to mind: burn it and dump the residue in a
> sewer

"Hello, citizen.  The security footage says you were in this internet
cafe when this treasonous message was sent.  You were at the affected
PC.  You used a USB token.  And shortly afterwards your neighbors saw
you burning something in your backyard, but you didn't put the remains
in the trash.  We know, because we checked.  Would you come with us,
please?"

Present them with a fake USB token -- "We're sorry.  The GUID is
different.  Would you care to revise your story, or shall we just send
you to the gulag now for lying to investigators?"

If you're taking heat from serious opponents, you need to drop any
pretense about technology being your friend.  It's not.  If you're in a
serious heat situation, run away from anything with a battery.

> ok, sounds interesting what sources do you recommend reading ?

The Digital Forensics Research Workshop has some great articles.  The
latest fad is memory analysis: subvert someone's laptop for 30 seconds
to make a dump of memory, then snarf it up and parse through the memory
image at your leisure.

Or consider a hibernation file.  When your laptop goes into hibernation
mode, your laptop copies its entire internal state to disk so that when
you open your laptop again it can pick up right where it left off.  That
hibernation file doesn't get deleted once the laptop is done with it.
Let's say you're storing data on a TrueCrypt container.  The police grab
your laptop.  They're foiled -- they don't have the password!  But then
they look through your hibernation file and find your password hiding
there in cleartext.

Yes, it's kind of impressive seeing this stuff done.  It's also
disturbing and frightening.

If you're interested in hibernation file analysis, the current hot guy
is a French college student named Matthieu Suiche.  He's done a lot of
great work and he's only something like 20 years old.  It's a very new
field and there's a lot of room for dedicated amateurs to make an
impression.

Read his papers -- they're very eye-opening.




Re: paperkey // ? feature request

2009-02-10 Thread Faramir

Robert J. Hansen wrote:
...
> So only someone with the private key can decrypt it.  Okay.  How do you
> communicate the private key with your intended recipients?  And how is
> communicating the private key with your intended recipients different
> from the key distribution problem when using symmetric crypto?

  IMHO, the difference is the recipients can send its public to me by
some way, and check the fingerprint by telephone... of course, I would
need to be able to recognise the recipient's voice. Also, the encrypted
files in transit don't require a very good passphrase in order to be
hard to bruteforce (or whatever), as symmetric crypto would require... I
don't need to exchange or communicate any "secret" passphrase at all.


> USB tokens have GUIDs, Globally Unique Identifiers.  Computers keep
> track of what GUIDs they've seen.  If the secret police get access to
> the PC, then they know "ah, someone used GnuPG on a USB token, with a
> GUID of...", etc.  That USB token can now be connected to you.

  But how? There is still the chance to buy things with effective, not
with credit or debit cards, and USB Flash Drives are cheap enough and
easy to find at stores to make it very hard to trace...


> Okay, so the obvious tactic is to dispose of it.  But how?  Losing
> and/or destroying things reliably is pretty hard.[1]  If you lose track
> of your car keys for thirty seconds you'll spend a week finding them; if
> you flush a USB token down the toilet a plumber will be called out five
> minutes later to find out what's causing the clog.  Call it the spy's
> version of Murphy's Law.

  Certainly... probably a big river would be a better place than a
toilet... Another option would be the use of a hammer, before
disposing of the artifact... they are plastic stuff, very different from an
hdd, so probably the only surviving part would be the USB connector.


> DF is interesting stuff.  If you're serious about wanting to come up
> with effective spy-versus-spy techniques, then I'd strongly recommend
> reading up on DF.  The more you know about the capabilities of the
> people who are trying to recover your secrets, the more you'll know
> about how to make life difficult on them.

  And I probably will also thank God for not having to do it for
real... I mean, probably there is enough information to make anybody a
bit paranoid... even if they don't have "anything to hide".

But I think it is an interesting subject... after all, any advice
about how to recover damaged info is potentially useful... I have heard
a lot more times the question "how do I recover my lost file" than "how
do I not recover...". Where do you suggest searching? In addition to
looking in google, of course...

> [2] I had sushi with a colleague of the guy who recovered the crosscut
> CD-R.  They gave that task to him person specifically because of his
> severe OCD.  The guy later said it was the happiest month he'd ever
> worked: he was allowed to indulge his OCD for 16 hours a day and
> everybody left him alone.

  We are talking about something between 320 and 480 hours of work, the
info on that CD must have been (or they suspected it to be) of high
importance...

  Best Regards


Re: paperkey // ? feature request

2009-02-10 Thread vedaal
>Message: 8
>Date: Tue, 10 Feb 2009 16:44:01 -0500
>From: "Robert J. Hansen" 
>Subject: Re: paperkey  // ? feature request

>> [1] 'very-important-secret' encrypted in ascii armored form to 
>> unpublished public key using throw-keyid option 
>
>So only someone with the private key can decrypt it.  Okay.  How do you
>communicate the private key with your intended recipients?  And how is
>communicating the private key with your intended recipients different
>from the key distribution problem when using symmetric crypto?


no different,

but unless you choose a sufficiently long and random passphrase,
symmetric crypto with a passphrase string-2-key
is much less protected than when the session key is encrypted to an 
unknown asymmetric key

the former is attackable by attacking the passphrase,
the latter cannot be attacked without the keypair and the 
passphrase,
(and not vulnerable to any symmetric decryption 'shortcuts' like 
the pgp vulnerability described a few years ago)


>USB tokens have GUIDs, Globally Unique Identifiers.  Computers keep
>track of what GUIDs they've seen.  If the secret police get access to
>the PC, then they know "ah, someone used GnuPG on a USB token, with a
>GUID of...", etc.  That USB token can now be connected to you.
>
>Okay, so the obvious tactic is to dispose of it.  But how?


there are probably many effective ways,

the first one that comes to mind:
burn it and dump the residue in a sewer


>Digital forensics is the field which concerns itself with pulling
>information you didn't believe existed out of places you didn't believe
>it could be found.  Digital forensicists run the gamut from rank
>amateurs to hardcore professionals who can recover a CD-R that's been
>put through a crosscut shredder.[2]
>
>DF is interesting stuff.  If you're serious about wanting to come up
>with effective spy-versus-spy techniques, then I'd strongly recommend
>reading up on DF.  The more you know about the capabilities of the
>people who are trying to recover your secrets, the more you'll know
>about how to make life difficult on them.


ok, sounds interesting
what sources do you recommend reading ?


vedaal



Re: paperkey // ? feature request

2009-02-10 Thread Robert J. Hansen
ved...@hush.com wrote:
> the situation i was describing is something like this:

Right.  This is a use case for symmetric crypto.

> [1] 'very-important-secret' encrypted in ascii armored form to 
> unpublished public key using throw-keyid option 

So only someone with the private key can decrypt it.  Okay.  How do you
communicate the private key with your intended recipients?  And how is
communicating the private key with your intended recipients different
from the key distribution problem when using symmetric crypto?

> [2] above mentioned message posted anonymously to newsgroup like 
> comp.security.pgp.test 
> from internet cafe, 
> (pre-paid in cash, using new usb drive with nothing else on it)

USB tokens have GUIDs, Globally Unique Identifiers.  Computers keep
track of what GUIDs they've seen.  If the secret police get access to
the PC, then they know "ah, someone used GnuPG on a USB token, with a
GUID of...", etc.  That USB token can now be connected to you.

Okay, so the obvious tactic is to dispose of it.  But how?  Losing
and/or destroying things reliably is pretty hard.[1]  If you lose track
of your car keys for thirty seconds you'll spend a week finding them; if
you flush a USB token down the toilet a plumber will be called out five
minutes later to find out what's causing the clog.  Call it the spy's
version of Murphy's Law.

Digital forensics is the field which concerns itself with pulling
information you didn't believe existed out of places you didn't believe
it could be found.  Digital forensicists run the gamut from rank
amateurs to hardcore professionals who can recover a CD-R that's been
put through a crosscut shredder.[2]

DF is interesting stuff.  If you're serious about wanting to come up
with effective spy-versus-spy techniques, then I'd strongly recommend
reading up on DF.  The more you know about the capabilities of the
people who are trying to recover your secrets, the more you'll know
about how to make life difficult on them.






[1] I was recently told of a case where a mobster swallowed a micro-SD
card.  The mobster thought the stomach acids would destroy it.  The
authorities held onto him a few days, extracted the evidence when it
made its appearance, and discovered it worked just fine.

[2] I had sushi with a colleague of the guy who recovered the crosscut
CD-R.  They gave that task to him person specifically because of his
severe OCD.  The guy later said it was the happiest month he'd ever
worked: he was allowed to indulge his OCD for 16 hours a day and
everybody left him alone.



RE: paperkey // ? feature request

2009-02-10 Thread i...@ushills.co.uk
The hexadecimal approach works well for a whole secret key. I tried this with 
the OCRA font and it appears to work very well and means that you do not need to 
get the public key from keyservers.

Using this method my secret key printed comes to two sides of A4.  Hex is 
easier to re-enter and this way can recreate your public key.



Re: paperkey // ? feature request

2009-02-10 Thread vedaal
Robert J. Hansen rjh at sixdemonbag.org
wrote on Tue Feb 10 19:18:22 CET 2009 :

>>uses a public key generated for only this purpose,
>> not put up on any keyserver,

>This seems to be a misapplication of asymmetric crypto.  Asymmetric
>crypto is generally inappropriate for session keys.


the situation i was describing is something like this:

[1] 'very-important-secret' encrypted in ascii armored form to 
unpublished public key using throw-keyid option 

[2] above mentioned message posted anonymously to newsgroup like 
comp.security.pgp.test 
from internet cafe, 
(pre-paid in cash, using new usb drive with nothing else on it)

[3] plausible deniability is maintained, even if entire secret 
keyring have to be given up, with all passphrases


Sven Radde email at sven-radde.de
wrote on Tue Feb 10 19:27:44 CET 2009 :

>Maybe this posting from a thread when I asked to extend paperkey for use
>with revocation certificates is also useful for Vedaal:
>http://lists.gnupg.org/pipermail/gnupg-users/2008-October/034741.html


Yes, Thanks!
i really like the idea of hexadecimal encoding line by line with 
checksums 

it's a very useful and do-able way to print out a secret key block
with the plan of later having it be re-digitalized using OCR
(and even do-able if necessary to type it in line by line)
Thanks!


vedaal

any ads or links below this message are added by hushmail without 
my endorsement or awareness of the nature of the link



Re: Re: paperkey // ? feature request

2009-02-10 Thread Sven Radde
Hi!

David Shaw schrieb:
> If you can't remove the redundant parts, then you're basically storing
> a secret key, unchanged.


Apart from the encoding and line-wise checksums which paperkey adds,
that is...

Maybe this posting from a thread when I asked to extend paperkey for use
with revocation certificates is also useful for Vedaal:
http://lists.gnupg.org/pipermail/gnupg-users/2008-October/034741.html

It seems like your nice tool has a greater potential than initially
conceived ;-)

cu, Sven
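
The line-wise hex encoding with checksums discussed in the messages above, as an added example that is not part of the thread and is not paperkey's code or output format. The layout, the function names and the choice of CRC-24 (the OpenPGP armor checksum) are assumptions made for illustration; the key material is a constructed stand-in.

```python
CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB  # CRC-24 parameters, RFC 4880 sec. 6.1

def crc24(data):
    """CRC-24 as defined for OpenPGP ASCII armor."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def line_crc(number, chunk):
    # Cover the line number too, so a skipped or swapped line fails its check.
    return crc24(number.to_bytes(2, "big") + chunk)

def to_paper(data, per_line=16):
    """Return printable lines of the form 'NNN: HH HH ... CCCCCC'."""
    lines = []
    for number, start in enumerate(range(0, len(data), per_line), 1):
        chunk = data[start:start + per_line]
        hex_bytes = " ".join(f"{b:02X}" for b in chunk)
        lines.append(f"{number:3d}: {hex_bytes} {line_crc(number, chunk):06X}")
    return lines

def from_paper(lines):
    """Return (data, bad_line_numbers); lines that fail are left out of data."""
    data, bad = bytearray(), []
    for expected, line in enumerate(lines, 1):
        try:
            label, rest = line.split(":", 1)
            *hex_bytes, crc_text = rest.split()
            chunk = bytes.fromhex("".join(hex_bytes))
            ok = (int(label) == expected
                  and line_crc(expected, chunk) == int(crc_text, 16))
        except ValueError:
            ok = False      # unreadable line: malformed hex, label or checksum
        if ok:
            data += chunk
        else:
            bad.append(expected)
    return bytes(data), bad

if __name__ == "__main__":
    sample = bytes(range(40))            # constructed stand-in for key material
    printed = to_paper(sample)
    printed[1] = printed[1].replace("10", "18", 1)  # one misread digit on line 2
    print("\n".join(printed))
    print("lines to re-check:", from_paper(printed)[1])
```

Because every line carries its own checksum, a typing or OCR error is narrowed down to the one line that has to be re-entered.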



Re: paperkey // ? feature request

2009-02-10 Thread Robert J. Hansen
ved...@hush.com wrote:
> uses a public key generated for only this purpose,
> not put up on any keyserver,

This seems to be a misapplication of asymmetric crypto.  Asymmetric
crypto is generally inappropriate for session keys.

> is there a way to get paperkey to reconstruct both the public and 
> secret keys, given the secret key ?

Given the secret key, the public key can always be reconstructed.





Re: paperkey // ? feature request

2009-02-10 Thread David Shaw
On Tue, Feb 10, 2009 at 12:41:12PM -0500, ved...@hush.com wrote:
> On Tue, 10 Feb 2009 11:30:07 -0500 David Shaw wrote:
> 
> >You don't need paperkey to do this.  Just use GPG.  If you import a
> >secret key and you don't have the matching public key, GPG will
> >automatically create a public key from the secret key.
> 
> 
> but i need paperkey to store the 'whole' secret key with the public 
> key part,
> not only the secret parts added to the public key ... :-)

Then that's just storing a secret key.  Paperkey works by removing the
redundant part of a secret key (i.e. the embedded public key, the user
IDs, signatures, etc).  When you restore the secret key, you need to
provide a copy of the public key so that paperkey can restore the
secret key (putting back the redundant parts).

If you can't remove the redundant parts, then you're basically storing
a secret key, unchanged.

David
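
The split described in this message, sketched at the OpenPGP packet level as an added example; it is not code from paperkey or GnuPG and not part of the original message. It assumes a single unprotected version 4 RSA key packet in the old packet format, ignores user IDs and signatures, and uses a constructed toy key; all function names are hypothetical.

```python
import struct

SECRET_KEY_TAG, PUBLIC_KEY_TAG, RSA = 5, 6, 1   # packet tags, algorithm id (RFC 4880)

def mpi(value):
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

def packet(tag, body):
    """Old-format packet header with a 2-byte length field."""
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body

def parse_packet(pkt):
    """Return (tag, body) of one old-format packet with a 2-byte length."""
    if (len(pkt) < 3 or pkt[0] & 0xC3 != 0x81
            or len(pkt) != 3 + int.from_bytes(pkt[1:3], "big")):
        raise ValueError("expected one old-format packet with a 2-byte length")
    return (pkt[0] >> 2) & 0x0F, pkt[3:]

def public_length(body):
    """Bytes used by the public fields of a v4 RSA key: header, MPI n, MPI e."""
    if len(body) < 6 or body[0] != 4 or body[5] != RSA:
        raise ValueError("only version 4 RSA keys handled")
    pos = 6                       # version + 4-byte creation time + algorithm
    for _ in range(2):
        (bits,) = struct.unpack(">H", body[pos:pos + 2])
        pos += 2 + (bits + 7) // 8
    return pos

def split_secret(secret_pkt):
    """Return (public key packet, secret-only tail) from a secret key packet."""
    tag, body = parse_packet(secret_pkt)
    if tag != SECRET_KEY_TAG:
        raise ValueError("not a secret key packet")
    cut = public_length(body)
    return packet(PUBLIC_KEY_TAG, body[:cut]), body[cut:]

def restore_secret(public_pkt, tail):
    """Rebuild the secret key packet from the public packet plus the tail."""
    tag, body = parse_packet(public_pkt)
    if tag != PUBLIC_KEY_TAG:
        raise ValueError("not a public key packet")
    return packet(SECRET_KEY_TAG, body + tail)

# Constructed toy key: textbook RSA numbers, constructed timestamp, no passphrase.
PUBLIC_BODY = bytes([4]) + struct.pack(">I", 1234224000) + bytes([RSA]) + mpi(3233) + mpi(17)
SECRET_MPIS = mpi(2753) + mpi(53) + mpi(61) + mpi(38)          # d, p, q, u
TAIL = b"\x00" + SECRET_MPIS + struct.pack(">H", sum(SECRET_MPIS) & 0xFFFF)
SAMPLE_SECRET = packet(SECRET_KEY_TAG, PUBLIC_BODY + TAIL)
```

`split_secret(SAMPLE_SECRET)` yields the public key packet and the short tail that would go on paper; `restore_secret` needs that public packet back to rebuild the original bytes.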



Re: paperkey // ? feature request

2009-02-10 Thread vedaal
On Tue, 10 Feb 2009 11:30:07 -0500 David Shaw wrote:

>You don't need paperkey to do this.  Just use GPG.  If you import a
>secret key and you don't have the matching public key, GPG will
>automatically create a public key from the secret key.


but i need paperkey to store the 'whole' secret key with the public 
key part,
not only the secret parts added to the public key ... :-)


i understand that there is not much point to the request
if it's too much work so that there is nothing gained by just 
preserving a paper copy of the secret key block

(i.e., the paperkey typing might need to be as much 
as just re-typing the secret key)


vedaal

any ads or links below this message are added by hushmail without 
my endorsement or awareness of the nature of the link



Re: paperkey // ? feature request

2009-02-10 Thread David Shaw

On Feb 10, 2009, at 10:49 AM, ved...@hush.com wrote:


> is there a way to get paperkey to reconstruct both the public and
> secret keys, given the secret key ?


You don't need paperkey to do this.  Just use GPG.  If you import a  
secret key and you don't have the matching public key, GPG will  
automatically create a public key from the secret key.


David



Re: paperkey // ? feature request

2009-02-10 Thread vedaal
David Shaw dshaw at jabberwocky.com
wrote on Sun Feb 8 22:41:10 CET 2009 :


>In OpenPGP, a secret key is just a public key with some extra stuff
>(the secret numbers) tacked on to the end.  That's how paperkey makes
>the keys so small - it can safely leave off all the public key
>information.


well,
speaking for the very small contingent of the 
occasionally maybe-too-secretive ;-)

would ask to consider the following scenario,
and if there is a possible paper key solution:


for those extremely private secrets
where one prefers to hide even the public key 
that a file is encrypted to,

and uses the 'throw-keyid' option,
and also
uses a public key generated for only this purpose,
not put up on any keyserver,
and not kept on any of the other keyrings,
(and therefore much easier to lose ... ;-) )

is there a way to get paperkey to reconstruct both the public and 
secret keys, given the secret key ?


tia,

vedaal

any ads or links below this message are added by hushmail without 
my endorsement or awareness of the nature of the link
