Re: Backing up your PGP key by hand

2022-05-31 Thread Werner Koch via Gnupg-users
On Mon, 30 May 2022 19:52, Matt Borja said:

>   - Related to this approach: Is the passphrase on a private key not
>   sufficient encryption strength to store the private key in a secure cloud
>   vault for archival purposes; or could it not be paired with a

The currently used protection of private keys as specified by OpenPGP
allows an attack on the key iff the attacker has a way to modify the
protected key in transit.

This is not the old Klima/Rosa attack but a new attack which takes
advantage of the fact that the public key parts are not bound to the
encrypted private parts of the key.  Thus the suggestion is to not rely
on the OpenPGP private key protection but to convey those private keys
with an additional OpenPGP encryption layer.

Note that the internal format used by GnuPG to store the private keys is
not affected by this attack.  This is because the public key parts in
the files below private-keys-v1.d are included in the authenticated
encryption of the private parts as additional data
(openpgp-s2k3-sha1-aes-cbc and openpgp-s2k3-ocb-aes schemes).

Always take care when conveying private keys.


Salam-Shalom,

   Werner


-- 
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
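
Werner Koch's point about binding, as an added illustration that is not part of the thread and is neither GnuPG nor OpenPGP code: a toy passphrase-protection scheme is run once without and once with the public key parts as authenticated additional data, then given a copy whose public parts were replaced in transit. The construction (PBKDF2, an HMAC-based keystream and tag), all function names and all sample values are assumptions constructed for this example.

```python
import hashlib
import hmac
import os

# Toy stand-in for passphrase protection of a private key. It is NOT the
# OpenPGP S2K/CFB packet format and NOT GnuPG's private-keys-v1.d format;
# it only models "are the public parts covered by the integrity check?".

def _derive(passphrase: bytes, salt: bytes):
    """Derive an encryption key and a MAC key from the passphrase."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 100_000, dklen=64)
    return okm[:32], okm[32:]

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt/decrypt by XOR with an HMAC-SHA256 counter keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(mac_key: bytes, aad: bytes, salt: bytes, nonce: bytes, ct: bytes) -> bytes:
    """Integrity tag over additional data (length-prefixed) and ciphertext."""
    msg = len(aad).to_bytes(8, "big") + aad + salt + nonce + ct
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def protect(public_part: bytes, secret_part: bytes, passphrase: bytes,
            bind_public: bool) -> dict:
    """Protect secret_part; public parts are authenticated only if bind_public."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive(passphrase, salt)
    ct = _xor_stream(enc_key, nonce, secret_part)
    aad = public_part if bind_public else b""
    return {"public": public_part, "salt": salt, "nonce": nonce, "ct": ct,
            "tag": _tag(mac_key, aad, salt, nonce, ct)}

def unprotect(blob: dict, passphrase: bytes, bind_public: bool) -> bytes:
    """Verify the tag, then decrypt. Raises ValueError on any mismatch."""
    enc_key, mac_key = _derive(passphrase, blob["salt"])
    aad = blob["public"] if bind_public else b""
    expected = _tag(mac_key, aad, blob["salt"], blob["nonce"], blob["ct"])
    if not hmac.compare_digest(expected, blob["tag"]):
        raise ValueError("integrity check failed: key material was modified")
    return _xor_stream(enc_key, blob["nonce"], blob["ct"])

def modified_in_transit(blob: dict, other_public: bytes) -> dict:
    """Model a transport that swaps the cleartext public parts only."""
    changed = dict(blob)
    changed["public"] = other_public
    return changed

def compare_schemes() -> dict:
    """Return what the recipient does with a modified key under each scheme."""
    public = b"constructed-public-params-A"      # constructed sample value
    other = b"constructed-public-params-B"       # constructed sample value
    secret = b"constructed-secret-params"        # constructed sample value
    passphrase = b"constructed passphrase"       # constructed sample value
    results = {}
    for bind_public in (False, True):
        blob = protect(public, secret, passphrase, bind_public)
        received = modified_in_transit(blob, other)
        try:
            unprotect(received, passphrase, bind_public)
            results[bind_public] = "accepted"    # mismatched pair goes unnoticed
        except ValueError:
            results[bind_public] = "rejected"    # modification detected
    return results

if __name__ == "__main__":
    print(compare_schemes())
```

Without the binding, the recipient unlocks the secret parts and never learns that the public parts beside them were replaced; with the binding, the same passphrase check fails on the modified copy.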


Re: Backing up your PGP key by hand

2022-05-30 Thread Matt Borja
>
> If you really care about such long preservation, carving the key into
> stone or baking it in a clay tablet are the only known methods that can
> reliably store data for so long (also because other methods don't exist
> for so long).


I'm also curious about a couple options I don't think I've seen mentioned
as of yet:

   - What about using a laminator in conjunction with the paper hard copy
   in the interest of longevity; and perhaps one of these all-weather Plano
   cases (or perhaps cheaper/simpler: some ABS/PVC encasing)?
   - If we somehow trust the currently available cryptography systems used
   to protect our financial assets (i.e. TLS to encrypt your *connection* to
   your bank website, etc.) and identity and tax information (i.e. bank
   account information, social security, AGI, PII, business, etc.), could the
   same also not be trusted to: 1) encrypt your private key and enable you to
   2) store said encrypted private key to a redundant medium like a
   cloud-based vault (multiple).
   - Related to this approach: Is the passphrase on a private key not
   sufficient encryption strength to store the private key in a secure cloud
   vault for archival purposes; or could it not be paired with a second factor
   to derive the same archival benefit?

Seems to me that achieving indefinite longevity could be more readily done
on a computer system that makes it easy to *replicate* bytes on disk; if
some encryption system trustworthy enough exists and could be used
to protect said bytes before replication.


Re: Backing up your PGP key by hand

2022-05-29 Thread vedaal via Gnupg-users
On 5/26/2022 at 12:52 AM, "Robert J. Hansen via Gnupg-users"  wrote:
> So, yeah.  I'm going to be solidly on the side of "no, really, paper is
> a magic technology, just be sure to talk with an archivist first to
> ensure you're using the right kind of paper."

=

The other thing to consider is the Ink. 
In Ancient and Medieval times,  the ink was not standardized, and
varied in the quantity of the ingredients.  All were permanent but
some were too acidic and burned through the paper. Many monastery
manuscripts centuries old are still in very good condition.

Today there are "Bulletproof" permanent inks
(not resistant to real bullets, but resistant to water, alcohol,
bleach, soap, and known solvents.) 
https://www.jetpens.com/blog/Noodler-s-Fountain-Pen-Inks-A-Comprehensive-Guide/pt/902#bulletproof

The Noodler Eternal inks are available in a larger variety of
permanent colors, and are all fountain pen safe. 

https://noodlersink.com/product/19208-eternal-polar-blue/

Vedaal


Re: Backing up your PGP key by hand

2022-05-29 Thread Johan Wevers via Gnupg-users
On 2022-05-25 22:22, Francesco Ariis wrote:

> Paper was first made in the Chinese Empire, around two millennia ago

I see that that was indeed considered what we call paper today, unlike
the ancient Egyptian papyrus.

> Sheets made with high quality pulp survived to this day.

Some sheets survive. I'm sure some CDR's and some USB sticks will also
survive for many centuries, but most probably won't.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html



Re: Backing up your PGP key by hand

2022-05-25 Thread Robert J. Hansen via Gnupg-users




> Since paper as we know it today doesn't even exist so long that can't
> be true. Maybe you are pointing to the few surviving papyrus texts?
> Most have not survived.


I've personally seen paper ballots from elections in the Senate of
ancient Rome.  Admittedly, this was 15 years ago so I can no longer say
precisely which century they were from, but they were indeed paper and
the marks on them were still legible.

The reason why few paper texts survived to the modern day isn't that
paper isn't durable.  It's because paper *IS* durable.  It's a
fantastically useful material and, for most of human history, was
incredibly expensive.  Rather than preserve paper, people re-used it
again and again until it just wore out.  (They did the same thing with 
vellum, too, which was preferred not because it stood up to repeated use 
better, but because it was so much *cheaper*.)


Many Gutenberg Bibles are still in fine condition today.  Of about 160
copies printed, about fifty still exist today.  The paper in question is
linen, which is still used by archivists looking for long-term
preservation.

So, yeah.  I'm going to be solidly on the side of "no, really, paper is
a magic technology, just be sure to talk with an archivist first to
ensure you're using the right kind of paper."



Re: Backing up your PGP key by hand

2022-05-25 Thread Francesco Ariis
On 25 May 2022 at 21:13, Johan Wevers via Gnupg-users wrote:
> On 2022-05-23 5:01, Stuart Longland via Gnupg-users wrote:
> 
> > On the other hand, there are paper recordings that have lasted millennia.
> 
> Since paper as we know it today doesn't even exist so long that can't be
> true. Maybe you are pointing to the few surviving papyrus texts? Most
> have not survived.

Paper was first made in the Chinese Empire, around two millennia ago. Sheets
made with high quality pulp survived to this day.
Process is slightly different today, archivists also know a lot more about
what is dangerous to paper preservation.



Re: Backing up your PGP key by hand

2022-05-25 Thread Johan Wevers via Gnupg-users
On 2022-05-23 5:01, Stuart Longland via Gnupg-users wrote:

> On the other hand, there are paper recordings that have lasted millennia.

Since paper as we know it today doesn't even exist so long that can't be
true. Maybe you are pointing to the few surviving papyrus texts? Most
have not survived.

If you really care about such long preservation, carving the key into
stone or baking it in a clay tablet are the only known methods that can
reliably store data for so long (also because other methods don't exist
for so long).

Even if the USB stick lasts for millennia, there may not be a reader for
it around at that time.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html



Re: Backing up your PGP key by hand

2022-05-23 Thread Julian H. Stacey
Stuart Longland via Gnupg-users wrote:
> On Tue, 03 May 2022 19:52:21 + (UTC)
> Matt Borja  wrote:
> 
> > Does exporting your private key (which already comes encrypted and requires
> > password authentication) to encrypted USB flash drive then placed under
> > lock and key not suffice as an offline backup?
> 
> If the USB flash drive does not fail, then yes, it would suffice.
> 
> NAND Flash memory (the sort used in USB flash drives), relies on a
> static charge being placed on the gate of a MOSFET to "bias" the MOSFET
> on or off.
> 
> In a perfect world, that gate is perfectly insulated and will not leak.
> 
> We don't live in such a world, there is a non-infinite resistance that
> allows a leakage current, and the charge will eventually fade.  How
> long will that take?  Who knows?

1 of 2 electret condenser microphones (Unisound EM-850), bought ~
1976, has failed so far with me.  The industry did back then expect them
to discharge eventually. They've only been used for minutes each
decade, so it wasn't over use.  Domestic storage temperate humidity &
temperature, not hot or cold warehouse, not polar or tropics, boxed,
no sunshine, no ionising radiation beyond domestic terrestrial.

https://en.wikipedia.org/wiki/Electret_microphone

Disk manufacturers' data sheets on error rates were a sobering experience
years back. Probably the same for USB sticks now.
Best copy on multiple media types from different manufacturers.

Cheers,
-- 
Julian Stacey  http://berklix.com/jhs/ http://stolenVotes.uk
Arm Ukraine, Zap killer Putin, grain & fuel loss hits poorest.



Re: Backing up your PGP key by hand

2022-05-22 Thread Stuart Longland via Gnupg-users
On Tue, 03 May 2022 19:52:21 + (UTC)
Matt Borja  wrote:

> Does exporting your private key (which already comes encrypted and requires
> password authentication) to encrypted USB flash drive then placed under
> lock and key not suffice as an offline backup?

If the USB flash drive does not fail, then yes, it would suffice.

NAND Flash memory (the sort used in USB flash drives), relies on a
static charge being placed on the gate of a MOSFET to "bias" the MOSFET
on or off.

In a perfect world, that gate is perfectly insulated and will not leak.

We don't live in such a world, there is a non-infinite resistance that
allows a leakage current, and the charge will eventually fade.  How
long will that take?  Who knows?

On the other hand, there are paper recordings that have lasted millennia.

Personally, I'm eyeing off the A3 pen-plotter that's at my feet right
now and wondering whether I could get it to "draw" a QR code or similar
2D barcode of a private key.  Sure, it's computer-driven, but it's old
enough to not have the storage capacity to "remember" an A3 image of
a private key.  Make such a program also emit G-code, and you could likely
use any el-cheapo 3D printer mechanism to cobble together such a plotter.
-- 
Stuart Longland (aka Redhatter, VK4MSL)

I haven't lost my mind...
  ...it's backed up on a tape somewhere.



Re: Backing up your PGP key by hand

2022-05-08 Thread Sven Richter via Gnupg-users
> And by reading them, they have powered up and refreshed the charge. The
> problem applies to such flash storage devices which have been left
> unpowered for longer periods of time. Again, it depends a bit on what
> the planned retention period is for the keys and their data.

A few months ago I rediscovered an old USB stick, whose existence I'd 
completely forgotten.
Had not touched that thing in around eight or nine years. Despite that it read 
just fine.
And we're not talking about some high quality premium device here. Named well 
known brand yes, but a cheap model.
I highly doubt the "flash can only store for a few months". In my personal 
experience flash can survive for many years.
Sure, sometimes new drives and cards can fail really quickly, but the same can 
be said about other media like HDDs too. If it survives the first couple months 
(or even weeks) then it will most likely last for years.

I still remember buying some first generation consumer SSDs back in 2010. Back 
then everybody was wary, saying the tech is too new and flash doesn't live long 
enough.
Used some of those drives in computers that run 24/7 and the last of them was 
replaced when it showed signs of dying about a year ago (early 2021).
I'd say eleven years was a decent lifespan. ;)

In my opinion the longevity of flash, no matter the format, is greatly 
underestimated. Plus a real advantage I noticed is that many drives don't die 
suddenly like HDDs tend to do, instead they often die slowly giving you time to 
replace them.
As such I wouldn't mind at all storing my keys on a flash drive.
Also, if you have valuable data you should always store it on at least two 
devices that are physically separated anyway. So if one fails it shouldn't be a 
big deal.

(With all of that being said, I'd still be in favor of an easy way to store on 
paper.)

Greetings
Sven



--- Original Message ---
On Thursday, May 5th, 2022 at 7:44 AM, Lars Noodén via Gnupg-users 
 wrote:


> On 5/5/22 01:11, Jacob Bachmeyer wrote:
> > Lars Noodén via Gnupg-users wrote:
> > > A removable hard drive might be an option, if the storage time
> > > is less than a decade and there are decent storage conditions
> > > in regards to chemicals, temperature, humidity, and so on. Flash
> > > memory seems to lose
> > > its charge rather quickly, measured in months.
> >
> > Write-once optical media is my preferred means of long-term backup for
> > nontrivial amounts of data,
> [snip]
>
> The number of years that the keys and the data they apply to will be
> stored unpowered, offline will influence which storage medium is
> acceptable for the task.
>
> Old CD-R were short-lived garbage from my experience, but certain models
> of recently made CD-R should last a while even under slightly
> non-optimal storage conditions before they start flipping bits.
> However, it's hard to know until it's too late. And all bets are off
> for bad storage conditions. Now that the quality has improved, under
> optimal storage conditions, they ought to retain data for decades:
>
> https://www.canada.ca/en/conservation-institute/services/conservation-preservation-publications/canadian-conservation-institute-notes/longevity-recordable-cds-dvds.html
>
> https://www.loc.gov/preservation/resources/rt/NIST_LC_OpticalDiscLongevity.pdf
>
> Whether that bit flip hits anything important is another matter, but
> they do add up over time and with enough of them they will eventually
> hit something, worse if it hit something compressed. I'm sure BtrFS or
> OpenZFS might be relevant there.
>
> Air pollution, temperature, light, and humidity are some of the factors
> affecting the lifespan of the physical storage medium.
>
> > I have SD cards and USB sticks with data blocks last written
> > many years ago and still readable. Granted, I have never used
> > low-end no-name
> [snip]
>
> And by reading them, they have powered up and refreshed the charge. The
> problem applies to such flash storage devices which have been left
> unpowered for longer periods of time. Again, it depends a bit on what
> the planned retention period is for the keys and their data.
>
> /Lars
>


Re: Backing up your PGP key by hand

2022-05-05 Thread Matt Borja
Sorry for the lame tracking links; that's apparently a setting
automatically enabled by SendGrid which I'm using to send out on my custom
email domain. Hopefully they're disabled now and below are showing the
original URLs as I had pasted them, else I give up, lol.

Demo:

   - https://gist.github.com/mattborja/475fa600604073780bd47ada019f98f3#file-demo-pgp-progmem-ino

See also:

   - https://www.arduino.cc/reference/en/language/variables/utilities/progmem/
   - https://forum.arduino.cc/t/maximum-progmem-data-size-arduino-mega/373448
   - https://www.arduino.cc/reference/en/language/functions/communication/wire/

Sorry about that :/

On Thu, May 5, 2022 at 5:30 PM Matt Borja  wrote:

> The EEPROM notes are intriguing to me, and if that's an option you're
> considering, I went ahead and tossed up some old code onto a gist if you're
> interested. It's a crude example of storing PGP private key in flash (vs.
> SRAM) using a little PROGMEM hack for the Arduino Uno:
>
>
> https://gist.github.com/mattborja/475fa600604073780bd47ada019f98f3#file-demo-pgp-progmem-ino
>
> See also:
>
>    - https://www.arduino.cc/reference/en/language/variables/utilities/progmem/
>    - https://forum.arduino.cc/t/maximum-progmem-data-size-arduino-mega/373448
>
> I actually have another slightly more refined project sort of tabled until
> I have more time freed up (maybe next couple weeks or so). It involves
> allocating and managing zones on a much larger EEPROM space--available on a
> single AT24C256C (32 KB up from 1 KB) which is also I2c, meaning you can
> daisy chain about 8 of these out, if you want to get crazy. Latest
> estimates I came up with suggested I could fit close to 2-3 4096-bit PGP
> private keys on one of these things. And the implementation is much simpler
> using the Wire.h interface because
> it actually has the room to store larger amounts of data without messing
> around with PROGMEM. And it's all offline writing too :)
>
> Ping me if you're interested. Otherwise, I'ma go back to what I was doing
> ;)
>
> On Thu, May 5, 2022 at 4:58 PM Jacob Bachmeyer via Gnupg-users <
> gnupg-users@gnupg.org> wrote:
>
>> Lars Noodén via Gnupg-users wrote:
>> > On 5/5/22 01:11, Jacob Bachmeyer wrote:
>> > > Lars Noodén via Gnupg-users wrote:
>> > >> A removable hard drive might be an option, if the storage time
>> > >> is less than a decade and there are decent storage conditions
>> > >> in regards to chemicals, temperature, humidity, and so on.  Flash
>> > >> memory seems to lose
>> > >> its charge rather quickly, measured in months.
>> > >
>> > > Write-once optical media is my preferred means of long-term backup for
>> > > nontrivial amounts of data,
>> > [snip]
>> >
>> > The number of years that the keys and the data they apply to will be
>> > stored unpowered, offline will influence which storage medium is
>> > acceptable for the task.
>> >
>> > Old CD-R were short-lived garbage from my experience, but certain models
>> > of recently made CD-R should last a while even under slightly
>> > non-optimal storage conditions before they start flipping bits.
>>
>> This depends on the quality of the media.  I first got a CD-R drive in
>> the mid 2000s and have discs from back then that were still readable
>> w

Re: Backing up your PGP key by hand

2022-05-05 Thread Matt Borja
The EEPROM notes are intriguing to me, and if that's an option you're
considering, I went ahead and tossed up some old code onto a gist if you're
interested. It's a crude example of storing PGP private key in flash (vs.
SRAM) using a little PROGMEM hack for the Arduino Uno:

https://gist.github.com/mattborja/475fa600604073780bd47ada019f98f3#file-demo-pgp-progmem-ino

See also:

   - https://www.arduino.cc/reference/en/language/variables/utilities/progmem/
   - https://forum.arduino.cc/t/maximum-progmem-data-size-arduino-mega/373448


I actually have another slightly more refined project sort of tabled until
I have more time freed up (maybe next couple weeks or so). It involves
allocating and managing zones on a much larger EEPROM space--available on a
single AT24C256C (32 KB up from 1 KB) which is also I2c, meaning you can
daisy chain about 8 of these out, if you want to get crazy. Latest
estimates I came up with suggested I could fit close to 2-3 4096-bit PGP
private keys on one of these things. And the implementation is much simpler
using the Wire.h interface because
it actually has the room to store larger amounts of data without messing
around with PROGMEM. And it's all offline writing too :)

Ping me if you're interested. Otherwise, I'ma go back to what I was doing ;)

On Thu, May 5, 2022 at 4:58 PM Jacob Bachmeyer via Gnupg-users <
gnupg-users@gnupg.org> wrote:

> Lars Noodén via Gnupg-users wrote:
> > On 5/5/22 01:11, Jacob Bachmeyer wrote:
> > > Lars Noodén via Gnupg-users wrote:
> > >> A removable hard drive might be an option, if the storage time
> > >> is less than a decade and there are decent storage conditions
> > >> in regards to chemicals, temperature, humidity, and so on.  Flash
> > >> memory seems to lose
> > >> its charge rather quickly, measured in months.
> > >
> > > Write-once optical media is my preferred means of long-term backup for
> > > nontrivial amounts of data,
> > [snip]
> >
> > The number of years that the keys and the data they apply to will be
> > stored unpowered, offline will influence which storage medium is
> > acceptable for the task.
> >
> > > Old CD-R were short-lived garbage from my experience, but certain models
> > of recently made CD-R should last a while even under slightly
> > non-optimal storage conditions before they start flipping bits.
>
> This depends on the quality of the media.  I first got a CD-R drive in
> the mid 2000s and have discs from back then that were still readable
> when I last looked at them a few years ago.  Admittedly, these have been
> stored under ordinary room conditions and protected in a disc binder or
> jewel cases and were not the "bargain basement" media that was also
> available at the time.  A friend once lamented having something like 3
> to 5 discs out of a 100-pack of "Great Quality" branded CD-R media that
> were actually usable; the rest were either rejected during burning or
> failed immediately upon readback.  It is doubtful that those "Great
> Quality" discs are still readable today.  There was a significant
> difference in price:  the discs I used (Maxell/Memorex/Verbatim name
> brands stand out thinking back) typically cost about $20 for a 50-pack
> or similar for a 100-pack if on sale, while "Great Quality" was $5 for
> 100.  You really did get what you paid for, however.
>
> There were also direct-write DVD-R camcorders fairly popular in the mid
> to late 2000s.  I remember news stories about most of Barack Obama's
> earlier speeches having been lost before his first term as

Re: Backing up your PGP key by hand

2022-05-05 Thread Jacob Bachmeyer via Gnupg-users

Lars Noodén via Gnupg-users wrote:
> On 5/5/22 01:11, Jacob Bachmeyer wrote:
> > Lars Noodén via Gnupg-users wrote:
> >> A removable hard drive might be an option, if the storage time
> >> is less than a decade and there are decent storage conditions
> >> in regards to chemicals, temperature, humidity, and so on.  Flash
> >> memory seems to lose
> >> its charge rather quickly, measured in months.
> >
> > Write-once optical media is my preferred means of long-term backup for
> > nontrivial amounts of data,
> [snip]
>
> The number of years that the keys and the data they apply to will be
> stored unpowered, offline will influence which storage medium is
> acceptable for the task.
>
> Old CD-R were short-lived garbage from my experience, but certain models
> of recently made CD-R should last a while even under slightly
> non-optimal storage conditions before they start flipping bits.


This depends on the quality of the media.  I first got a CD-R drive in 
the mid 2000s and have discs from back then that were still readable 
when I last looked at them a few years ago.  Admittedly, these have been 
stored under ordinary room conditions and protected in a disc binder or 
jewel cases and were not the "bargain basement" media that was also 
available at the time.  A friend once lamented having something like 3 
to 5 discs out of a 100-pack of "Great Quality" branded CD-R media that 
were actually usable; the rest were either rejected during burning or 
failed immediately upon readback.  It is doubtful that those "Great 
Quality" discs are still readable today.  There was a significant 
difference in price:  the discs I used (Maxell/Memorex/Verbatim name 
brands stand out thinking back) typically cost about $20 for a 50-pack 
or similar for a 100-pack if on sale, while "Great Quality" was $5 for 
100.  You really did get what you paid for, however.


There were also direct-write DVD-R camcorders fairly popular in the mid 
to late 2000s.  I remember news stories about most of Barack Obama's 
earlier speeches having been lost before his first term as US President 
had ended because the only recordings had been made by his supporters 
using those camcorders and cheap DVD-R media that did not last.



Note that "nontrivial amounts of data" excludes PGP keys; even a 
mini-CD-R holds several megabytes.  I will admit that lack of a 
reasonable backup strategy is one of the reasons I do not presently use 
PGP for encryption.



> [...]
>
> Whether that bit flip hits anything important is another matter, but
> they do add up over time and with enough of them they will eventually
> hit something, worse if it hit something compressed.  [...]


CD-ROM format has considerable data expansion.  If I remember correctly, 
a 650MB data CD actually stores something like 2.1GB after applying the 
various ECC layers.  There are quite a few bits to flip before anything 
is affected.



> Air pollution, temperature, light, and humidity are some of the factors
> affecting the lifespan of the physical storage medium.


One of the advantages of optical media generally is that the discs are 
(supposed to be) sealed against their environment.  Absent extremes, 
(polycarbonate has a melting point, the data is written using very 
intense light that locally heats the dye layer) environmental effects 
should be minimal.  Along these lines, while fire will obviously destroy 
optical media, discs should remain readable after being in a flood, for 
example.  (Some mold removal may be needed, and the data should be 
copied to new media in case mold or the chemicals used to remove it 
adversely affect the integrity of the environmental seal.)



> > I have SD cards and USB sticks with data blocks last written
> > many years ago and still readable.  Granted, I have never used
> > low-end no-name
> [snip]
>
> And by reading them, they have powered up and refreshed the charge.  The
> problem applies to such flash storage devices which have been left
> unpowered for longer periods of time.


No, it does not.  That is not how flash memory works.  Some flash 
translation layers might do such things in some devices, but I strongly 
doubt that flash-based microcontrollers have undocumented hardware 
functions to periodically rewrite the program storage, for example.  In 
any case, I have both USB sticks and SD cards that have been left 
entirely unpowered for years and found the data to still be there, 
certainly much longer than the "few months" you mentioned earlier.


Theoretically, the stored charge does eventually leak off of the 
floating gate, but EEPROMs (and flash, which is essentially the same 
technology) are generally considered to hold data indefinitely.  The 
data retention specifications are based on "accelerated aging" tests, 
which generally involve elevated temperature.  The processes involved 
are highly nonlinear with respect to temperature and may very easily 
require centuries at room temperature or not occur at all without 
elevated temperatures; we do not know because flash storage is only now 
r

Re: Backing up your PGP key by hand

2022-05-05 Thread Matt Borja
So I guess all that leaves us with at this point is laser welded
inscriptions onto a block of metal, installed backwards as the cornerstone
of the next monument being preserved by a historic society.

It’ll be the next iteration of 3D printing: MIaaB (Metal Inscriptions as a
Backup).

Whole building would have to come down to restore from backup, but it’d at
least stand the test of weathering…

On Thu, May 5, 2022 at 06:44 Julian H. Stacey  wrote:

> Matthias Apitz wrote:
> > I think, paper tapes as in the years 70 would be the best media for this
> > approach.
>
> Paper tape had a high error rate (& tear rate).  It chafed & built
> dirt on reader, & absorbed finger grease & misread whether optical
> or capacitive readers. Mylar (plastic) was better, stronger.
>
> Often on long paper tapes we'd read several times & compare to
> ensure probably no errors. Checksums weren't so often available.
>
> Our paper tape flew so fast through the reader we held dustbins at
> ~ 45 degrees to catch it. & then reloaded slower back out of bin
> onto winder.
>
> Cheers,
> --
> Julian Stacey  http://berklix.com/jhs/ http://stolenVotes.uk
> Arm Ukraine, kill Putin mass murderer causing global grain & fuel shortage.
>


Re: Backing up your PGP key by hand

2022-05-05 Thread Julian H. Stacey
Matthias Apitz wrote:
> I think, paper tapes as in the years 70 would be the best media for this
> approach.

Paper tape had a high error rate (& tear rate).  It chaffed & built
dirt on reader, & absorbed finger grease & misread whether optical
or capacitive readers. Mylar (plastic) was better, stronger.

Often on long paper tapes we'd read several times & compare to
ensure probably no errors. Checksums weren't so often available.

Our paper tape flew so fast through the reader we held dustbins at
~ 45 degrees to catch it. & then reloaded slower back out of bin
onto winder.

Cheers,
-- 
Julian Stacey  http://berklix.com/jhs/ http://stolenVotes.uk
Arm Ukraine, kill Putin mass murderer causing global grain & fuel shortage.



Re: Backing up your PGP key by hand

2022-05-05 Thread Matthias Apitz
I think, paper tapes as in the years 70 would be the best media for this
approach.

matthias


-- 
Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

Peace instead of NATO!  Мир вместо НАТО!  Frieden statt NATO! ¡Paz en vez de 
OTAN!



Re: Backing up your PGP key by hand

2022-05-05 Thread Lars Noodén via Gnupg-users

On 5/5/22 01:11, Jacob Bachmeyer wrote:
> Lars Noodén via Gnupg-users wrote:
>> A removable hard drive might be an option, if the storage time
>> is less than a decade and there are decent storage conditions
>> in regards to chemicals, temperature, humidity, and so on.  Flash
>> memory seems to lose
>> its charge rather quickly, measured in months.
>
> Write-once optical media is my preferred means of long-term backup for
> nontrivial amounts of data,
[snip]

The number of years that the keys and the data they apply to will be
stored unpowered, offline will influence which storage medium is
acceptable for the task.

Old CD-R were short-lived garbage from my experience, but certain models
of recently made CD-R should last a while even under slightly
non-optimal storage conditions before they start flipping bits.
However, it's hard to know until it's too late.  And all bets are off
for bad storage conditions.  Now that the quality has improved, under
optimal storage conditions, they ought to retain data for decades:

https://www.canada.ca/en/conservation-institute/services/conservation-preservation-publications/canadian-conservation-institute-notes/longevity-recordable-cds-dvds.html

https://www.loc.gov/preservation/resources/rt/NIST_LC_OpticalDiscLongevity.pdf

Whether that bit flip hits anything important is another matter, but
they do add up over time and with enough of them they will eventually
hit something, worse if it hit something compressed.  I'm sure BtrFS or
OpenZFS might be relevant there.

Air pollution, temperature, light, and humidity are some of the factors
affecting the lifespan of the physical storage medium.

> I have SD cards and USB sticks with data blocks last written
> many years ago and still readable.  Granted, I have never used
> low-end no-name
[snip]

And by reading them, they have powered up and refreshed the charge.  The
problem applies to such flash storage devices which have been left
unpowered for longer periods of time.  Again, it depends a bit on what
the planned retention period is for the keys and their data.

/Lars



Re: Backing up your PGP key by hand

2022-05-04 Thread Jacob Bachmeyer via Gnupg-users

Lars Noodén via Gnupg-users wrote:

> A removable hard drive might be an option, if the storage time is less
> than a decade and there are decent storage conditions in regards to
> chemicals, temperature, humidity, and so on.  Flash memory seems to lose
> its charge rather quickly, measured in months.


Write-once optical media is my preferred means of long-term backup for 
nontrivial amounts of data, but this view about flash losing data in 
months is completely ridiculous.  Typical data retention specs for flash 
memory are for decades.  If losing data in mere months were acceptable, 
just about nothing would work, including the computer you use for email 
-- its firmware is almost certainly in flash and it is probably more 
than a few months old.


I have SD cards and USB sticks with data blocks last written many years 
ago and still readable.  Granted, I have never used low-end no-name 
Chinesium storage, so that may have something to do with it, but flash 
memory is far more durable than a few months.  Battery-backed SRAM 
typically has batteries that last longer than that; if flash only held 
data for months, it would never have been commercially viable for 
displacing said SRAM.



-- Jacob



Re: Backing up your PGP key by hand

2022-05-04 Thread Lars Noodén via Gnupg-users

On 5/3/22 22:08, Francesco Ariis wrote:
[snip]

> As you probably expect, I agree with (almost) everything you say. My
> experiment was to document something which — as far as I know — was
> not documented until now (although probably done numerous times) and
> a way to spur a discussion on the topic of “backing up keys when you
> cannot trust or do not have access to some devices”.


A removable hard drive might be an option, if the storage time is less
than a decade and there are decent storage conditions in regards to
chemicals, temperature, humidity, and so on.  Flash memory seems to lose
its charge rather quickly, measured in months.  I can't find the
original articles on that but here's a secondary source:

https://www.ni.com/en-us/support/documentation/supplemental/12/understanding-life-expectancy-of-flash-storage.html

Perhaps printing a QR code or barcode would work if it is possible to
get the private key to a printer in a secure manner.  If you are into
further experimentation maybe some graph paper and a black magic marker
could be used for making a QR code, with enough persistence or
performance art funding.

/Lars

PS.  Thanks for not top-posting.




Re: Backing up your PGP key by hand

2022-05-03 Thread Matt Borja
Does exporting your private key (which already comes encrypted and requires
password authentication) to encrypted USB flash drive then placed under
lock and key not suffice as an offline backup?

Aside: Private keys aren’t the only thing that should be getting backed up.
Revocation certs are perhaps just as important, if not more. Private keys
can be replaced all day long, but you can’t replace revocation certs once
the private key is lost (requiring revocation).


On Tue, May 3, 2022 at 12:17 Francesco Ariis  wrote:

> Hello Jonathan,
>
> Il 02 maggio 2022 alle 13:26 Jonathan Cross via Gnupg-users ha scritto:
> > Thank you for sharing this Francesco.
> >
> > Yes, having a secure, durable offline backup is important.
> >
> > Coming from the Bitcoin space, we've already explored many options in an
> > effort to allow users easily to back up private keys.
> >
> > I have to say the effort involved in your method seems unrealistic for
> most
> > users:
> >
> > [...]
>
> thanks for your feedback message!
>
> As you probably expect, I agree with (almost) everything you say. My
> experiment was to document something which — as far as I know — was not
> documented until now (although probably done numerous times) and a way
> to spur a discussion on the topic of “backing up keys when you cannot
> trust or do not have access to some devices”.
>
> The pain points are manifold: some might be mitigated (as Ingo Klöcker
> suggested, ed25519 keys are shorter, progressively moving to them would
> do a lot); some would need some reworking (or reimagining) of the tools
> we use today to sign our documents and encrypt our archives (as much as
> `paperkey` is convenient, a “native” solution will always be more
> reliable, user-friendly, future-proof).
>
> > But ideally such a system should be standardized and built into gpg so
> that
> > users can be sure they will be able to restore keys.
>
> This would be amazing and hopefully one day a standardised approach will
> come to light for PGP too. Happy encrypting everyone
> —F


Re: Backing up your PGP key by hand

2022-05-03 Thread Francesco Ariis
Hello Jonathan,

Il 02 maggio 2022 alle 13:26 Jonathan Cross via Gnupg-users ha scritto:
> Thank you for sharing this Francesco.
> 
> Yes, having a secure, durable offline backup is important.
> 
> Coming from the Bitcoin space, we've already explored many options in an
> effort to allow users easily to back up private keys.
> 
> I have to say the effort involved in your method seems unrealistic for most
> users:
>
> [...]

thanks for your feedback message!

As you probably expect, I agree with (almost) everything you say. My
experiment was to document something which — as far as I know — was not
documented until now (although probably done numerous times) and a way
to spur a discussion on the topic of “backing up keys when you cannot
trust or do not have access to some devices”.

The pain points are manifold: some might be mitigated (as Ingo Klöcker
suggested, ed25519 keys are shorter, progressively moving to them would
do a lot); some would need some reworking (or reimagining) of the tools
we use today to sign our documents and encrypt our archives (as much as
`paperkey` is convenient, a “native” solution will always be more
reliable, user-friendly, future-proof).

> But ideally such a system should be standardized and built into gpg so that
> users can be sure they will be able to restore keys.

This would be amazing and hopefully one day a standardised approach will
come to light for PGP too. Happy encrypting everyone
—F



Re: Backing up your PGP key by hand

2022-05-02 Thread Ingo Klöcker
On Montag, 2. Mai 2022 13:26:06 CEST Jonathan Cross via Gnupg-users wrote:
> I have to say the effort involved in your method seems unrealistic for most
> users:
>
> > Considering a paperkey is less than 150 lines, that means it should take
> > 50 sessions, or a little less than 2½ months to get it on paper. The whole
> > effort costs 50×10m ≃ 8 hours of your time.

For a modern ed25519 key with cv25519 subkey paperkey outputs less than 10 
lines of data and a final CRC-24 checksum.

  1: 00 04 69 C7 01 A4 36 FD D4 96 FA E5 58 0A A1 51 BC 58 17 C2 28 CF 6A0F72
[...]
 10: B2 47 15 98 62 69 A9 53 BC B2 16 8F 9B 78 B4 BAF5C6
 11: BBEA88

In the old days computer magazines contained many pages of such hexdumps that 
you could hack into your computer to get some nice little games.

Regards,
Ingo
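
The per-line and final CRC-24 values in the excerpt above are what let a hand-copied key be checked line by line on restore. As an added example (not part of the original post and not paperkey's own code), the Python below verifies such lines; it assumes, following paperkey's documented base16 format, that each numbered line ends with the OpenPGP CRC-24 of that line's bytes and that the last line is the CRC-24 of all bytes. The key bytes and function names are constructed for illustration.

```python
"""Check hand-copied paperkey-style base16 lines against their CRC-24 values."""
import re

CRC24_INIT = 0xB704CE   # OpenPGP CRC-24 initial value (RFC 4880, section 6.1)
CRC24_POLY = 0x1864CFB  # OpenPGP CRC-24 generator polynomial
# "<line no>: <hex bytes> <6-digit CRC>"; the last line carries only a CRC.
LINE_RE = re.compile(r"^\s*(\d+):\s*((?:[0-9A-Fa-f]{2}\s+)*)([0-9A-Fa-f]{6})\s*$")
# Constructed stand-in for secret key bytes; not real key material.
SAMPLE = bytes((i * 37 + 11) % 256 for i in range(50))


def crc24(data, crc=CRC24_INIT):
    """Bitwise CRC-24 as specified for OpenPGP."""
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def format_lines(data, per_line=22):
    """Render bytes in the layout shown in the excerpt (22 bytes per line)."""
    lines = []
    for number, start in enumerate(range(0, len(data), per_line), 1):
        chunk = data[start:start + per_line]
        hexed = " ".join("%02X" % b for b in chunk)
        lines.append("%3d: %s %06X" % (number, hexed, crc24(chunk)))
    lines.append("%3d: %06X" % (len(lines) + 1, crc24(data)))
    return lines


def verify(lines):
    """Return (data, bad_lines, final_ok) for transcribed lines.

    bad_lines holds the positions of lines that do not parse, carry the
    wrong line number, or fail their own CRC-24. final_ok is True only if
    no line is bad and the closing CRC-24 matches the whole block.
    """
    data, bad, final_ok = bytearray(), [], False
    for pos, raw in enumerate((l for l in lines if l.strip()), 1):
        match = LINE_RE.match(raw)
        if match is None:            # e.g. the letter O typed for the digit 0
            bad.append(pos)
            continue
        number, hexbytes, crc = int(match.group(1)), match.group(2), int(match.group(3), 16)
        if not hexbytes:             # closing line: CRC over everything so far
            final_ok = crc == crc24(bytes(data)) and not bad
            break
        chunk = bytes.fromhex(hexbytes)
        data += chunk
        if number != pos or crc24(chunk) != crc:
            bad.append(pos)
    return bytes(data), bad, final_ok


def demo():
    """Verify a clean transcription and one with a single wrong hex digit."""
    good = format_lines(SAMPLE)
    typo = list(good)
    wrong = "1" if typo[1][5] != "1" else "2"
    typo[1] = typo[1][:5] + wrong + typo[1][6:]   # first hex digit of line 2
    return verify(good), verify(typo)


if __name__ == "__main__":
    for line in format_lines(SAMPLE):
        print(line)
    clean, slipped = demo()
    print("clean copy:   bad lines", clean[1], "final CRC ok:", clean[2])
    print("one-digit slip: bad lines", slipped[1], "final CRC ok:", slipped[2])
```

The per-line value localises a copying slip to one line, while the line-number check and the closing CRC catch lines that were skipped or copied out of order.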




Re: Backing up your PGP key by hand

2022-05-02 Thread Jonathan Cross via Gnupg-users
Thank you for sharing this Francesco.

Yes, having a secure, durable offline backup is important.

Coming from the Bitcoin space, we've already explored many options in an
effort to allow users easily to back up private keys.

I have to say the effort involved in your method seems unrealistic for most
users:

> Considering a paperkey is less than 150 lines, that means it should take
> 50 sessions, or a little less than 2½ months to get it on paper. The whole
> effort costs 50×10m ≃ 8 hours of your time.

In Bitcoin, we can use the BIP39 standard to back up a nearly infinite number
of keys (trees of derived keys) with just 12 simple English words. It even
has a checksum! Only the first four letters of each word are even
necessary, as those are always distinct, making input very quick and easy.

GPG would benefit from something similar.

Only 1% of the 1% of users will put in the effort that you did, meaning
that most users are not properly backing up their PGP keys and/or are
trusting computer hardware/printers.

I see there are efforts like paperkey word list:
https://github.com/vonshednob/paperkeywords

But ideally such a system should be standardized and built into gpg so that
users can be sure they will be able to restore keys.

One can actually use the most popular Bitcoin hardware wallet as a PGP
signing device. Since the device is backed up with a BIP39 "seed phrase",
you can effectively say that it's a way to back up GPG keys with 12 or 24
words:

https://support.ledger.com/hc/en-us/articles/115005200649-OpenPGP?docs=true

The fact that it has a screen and you can input the words directly into the
signing device means that you don't need an air-gapped computer as well.

That might be a good option for some people.

Jonathan


Backing up your PGP key by hand

2022-04-24 Thread Francesco Ariis
Hello gnupg-users,
I decided to back up my secret gpg key with pencil and paper,
documenting the process here

http://ariis.it/static/articles/handwritten-pgp-key/page.html

It is tangent to gpg but I thought that other gnupg-users might have been
interested in the whys and hows of the topic
—F



Regarding PGP key to RSA key conversion

2019-12-31 Thread Poomurugan.Poopandian--- via Gnupg-users
Dear Team,

I am looking for PGP key to RSA key conversion.
My working environment is Windows. In Windows, I have to convert a PGP key
(private and public) to an RSA key.

The instructions which are available on the internet are all based on the UNIX
platform.
Looking for steps to be followed with the GnuPG tool to achieve the conversion
on Windows.

Awaiting the reply

Thanks,
Poomurugan

Re: was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"

2019-08-14 Thread Robert J. Hansen
> I've often wondered why the sks software didn't require
> cross-certification.  It seems like that would solve the key poisoning
> issue.

Not enough OCaml programmers, mostly.

Strange but true: SKS has no crypto code in it anywhere.  So the moment
you say "I wonder why SKS doesn't do this thing that involves crypto,"
well, that's the answer: because it involves crypto and nobody has ever
added that capability to SKS.



Re: PGP Key Poisoner

2019-08-14 Thread Johan Wevers
On 14-08-2019 11:38, Alessandro Vesely via Gnupg-users wrote:

> Of course, anonymous key poisoning is a kind of gratuitous vandalism.
>  Yet, crypto is supposed to work in a hostile environment.

But this is only an extreme form of what an old keyserver already did:
it issued (I believe every 6 months) a new signature. Arguments about
DoS attacks were already given then.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




Re: was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"

2019-08-14 Thread Brian Minton
I've often wondered why the sks software didn't require
cross-certification.  It seems like that would solve the key poisoning
issue.  It would mean that when signing someone's key, you'd have to
have a way to exchange the signatures first, before submitting them to
the keyserver network.  However, I think that most keysigning parties
do that anyway, not to mention software like caff.


Re: PGP Key Poisoner

2019-08-14 Thread Alessandro Vesely via Gnupg-users
On Tue 13/Aug/2019 12:08:31 +0200 Werner Koch Via Gnupg-users wrote:
> On Tue, 13 Aug 2019 09:54, gnupg-users@gnupg.org said:
> 
>> The bug, however, is in the program that chokes on poisoned keys!
> 
> Nope.  This is a long standing DoS protection by limiting the total
> length of a keyblock.  The diagnostics were a bit misleading, though.
> 
> The time it took to process all these signatures during importing is due
> to a fix and out of order keyblock functions which has been enabled by
> default in 2.1.  It should be obvious that checking several thousands of
> signatures and finding the matching user-id takes its time.
> 
> Anyway, given that these keys are real the approach with 2.2.17 is to
> auto-retry an import with import-clean etc. if the keyblock size hits
> the size limit.  For keyserver imports import-clean is also the default.


Why wasn't that check in place from version 0.0.0?  Perhaps GnuPG was
coded at times when DoS was an operating system?

Of course, anonymous key poisoning is a kind of gratuitous vandalism.
 Yet, crypto is supposed to work in a hostile environment.


Best
Ale


Re: was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"

2019-08-13 Thread vedaal via Gnupg-users



On 8/13/2019 at 7:59 AM, "Kristian Fiskerstrand" wrote:

>As you correctly point out it's really not that relevant for encryption
>subkeys. It does have security implementations for signing subkeys; see
>[cross-certification section] for some details on that.
>
>References:
>[cross-certification section]
>https://gnupg.org/faq/subkey-cross-certify.html


GnuPG has been requiring cross-certification for a very long time,
which would mean that an attacker who attaches a person's listed subkey
to a different masterkey would still not be able to do anything with it,
because the attacker can't make it cross-certify.

Being simplistically naive here:
How difficult would it be to get keyservers to agree that only the key
owners can submit new signatures to their own keys?
(i.e., the owner's detached signature of the public keyblock having the
new signature, required together with any submitted key with a new
signature.)

A Denial-of-Service attack will still always be possible against a
keyserver, since it is easy for an attacker to generate a large volume of
legitimate keys, with only a self-signature, and upload them to the
keyserver, but at least then, no individual key by a real user could be
attacked.


vedaal




Re: PGP Key Poisoner

2019-08-13 Thread Peter Lebbing
On 13/08/2019 17:11, Robert J. Hansen wrote:
>> I think the proper fix is to design an alternative to the SKS keyserver
>> network. The design choices in the reconciliation protocol don't work
>> out anymore, we shouldn't change the protocol but replace it.
> 
> I agree.

Ah, then the discussion about OCaml is a moot point by now and can be
disregarded until the moment someone proposes to write the replacement
in OCaml :-D

Cheers,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Re: PGP Key Poisoner

2019-08-13 Thread Robert J. Hansen
> I don't think the bit about the OCaml code complexity was a good
> argument in Rob's gist post.

In my defense, I wrote that front-to-back in under an hour.  My goal was
to quickly release a useful précis, not to slowly write a definitive
reference on the problem.  :)

That said, this particular thing I stand behind.  The number of people
in the SKS community who grok OCaml is pretty close to zero.

> I think the proper fix is to design an alternative to the SKS keyserver
> network. The design choices in the reconciliation protocol don't work
> out anymore, we shouldn't change the protocol but replace it.

I agree.



Re: PGP Key Poisoner

2019-08-13 Thread Stefan Claas via Gnupg-users
Peter Lebbing wrote:

> > I wonder why those SKS key servers are so important to be still in
> > service as of today since we have WKD, Hagrid, keybase, Mailvelope Key
> > Server and Facebook?
> 
> Only people using the SKS keyserver network are affected by this issue.
> You say you don't see a reason to use them. So don't. Tell your
> correspondents to use different methods when they exchange keys with
> you, and you'll never have to interact with the SKS keyserver network
> again. Problem solved; for you. Others will take care of their own.
> 
> Also Facebook?
> 
> A lot of the alternatives to the SKS network have some issues regarding
> either a form of trusted third party, or of anonymity. Every service has
> its own trade-offs. And some stand out like a sore thumb. Again...
> Facebook?! :-)

True, I will let them know. Regarding Facebook, yes, I see it as some form
of a key server too because it allows FB users to upload their pub key
to their profile. :-)

Regards
Stefan

-- 
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)



Re: was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"

2019-08-13 Thread Peter Lebbing
On 13/08/2019 13:56, Kristian Fiskerstrand wrote:
> As you correctly point out it's really not that relevant for encryption
> subkeys. It does have security implementations for signing subkeys; see
> [cross-certification section] for some details on that.

But this issue has been fixed for so long that any CDs documenting the
fix will have since bit-rotted! It's ancient Information Technology
history!

To be exact, this has been a non-issue since GnuPG 1.4.8, released
2007-12-20, which defaulted to --require-cross-certification after the
cross certifications had percolated through the ecosystem in the years
leading up to that new default.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Re: PGP Key Poisoner

2019-08-13 Thread Peter Lebbing
On 12/08/2019 22:09, U'll Be King Of The Stars wrote:
> The things I missed are:
> 
> - how to check and clean a user's local keyring
> 
> - how to update the user's local configuration in ~/.gnupg

I generally felt there was a lack of concise, complete instructions for
users, after the event. I was missing several pieces of the puzzle
myself. Still, I suppose I could have tried to do this, so it's a bit
odd to be pointing out that this area was lacking when I could have
solved it partially myself. But here we are: I never saw a good concise
complete set of instructions and guidance, and I was a bit surprised
no one wrote it.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Re: PGP Key Poisoner

2019-08-13 Thread Peter Lebbing
I suspect we haven't seen this issue being done in the real world before
because it is not a useful attack in many scenarios. It's just a nasty
DoS that can be avoided by not using the SKS keyserver network. I'm
completely speculating, but I think that the people who really want to
learn something about their victim will use and have used completely
different attacks. This DoS isn't effective at what they want.

I don't know if that is the case, but I think it's a possibility.

This doesn't mean that this attack was harmless; far from it. I think it
has the potential to do a lot of harm to a lot of people. It just
possibly doesn't really accomplish the goals that, for instance,
oppressive regimes or black hats penetrating networks have. And since no
serious attacker used this weakness, by that virtue it might not be a
big problem. The good sides of the SKS keyserver network might outweigh
its flaws when the flaws are not the flaws that attackers will exploit
in practice.

Until little boys with matches come round and play at being responsible
security researchers without understanding how that actually works.

> People know there that there are issues for a decade with the software
> running on their servers and they don't understand the codebase to fix
> issues.

I don't think the bit about the OCaml code complexity was a good
argument in Rob's gist post.

I think the proper fix is to design an alternative to the SKS keyserver
network. The design choices in the reconciliation protocol don't work
out anymore, we shouldn't change the protocol but replace it.

Several alternatives for key distribution have actually been developed
for many years now. You can't say people are not actively working on
this problem, it's just not true. That they are actually looking in a
different solution space than what you want to see is their right.

> And when things later happen, like recently, they still run their
> servers.

Perhaps because there are still users who need it. GnuPG 2.2.17 already
led to a report[1] on the mailing list that they needed third-party
signatures from keyservers. I don't know if they need the SKS network,
but in general, there are users out there who can still use it.

But I obviously can't speak for anyone else.

> I wonder why those SKS key servers are so important to be still in
> service as of today since we have WKD, Hagrid, keybase, Mailvelope Key
> Server and Facebook?

Only people using the SKS keyserver network are affected by this issue.
You say you don't see a reason to use them. So don't. Tell your
correspondents to use different methods when they exchange keys with
you, and you'll never have to interact with the SKS keyserver network
again. Problem solved; for you. Others will take care of their own.

Also Facebook?

A lot of the alternatives to the SKS network have some issues regarding
either a form of trusted third party, or of anonymity. Every service has
its own trade-offs. And some stand out like a sore thumb. Again...
Facebook?! :-)

Cheers,

Peter.

[1] 

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Re: was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"

2019-08-13 Thread Kristian Fiskerstrand
On 12.08.2019 19:09, vedaal via Gnupg-users wrote:
> Can this really be done?
> 
> (Does not matter so much to me personally, as I grew up with v3
> keys, and even when using a V4 key, I don't generate a subkey, but
> allow all the functions (sign, encrypt. certify) to be done with the
> master key).
> 
> Does matter a lot if I can't trust the subkey of someone whom I want 
> to encrypt to.

> How real is this threat, and is it any threat at all, if simply 
> binding the subkey to a different master key, won't allow for anyone 
> else other than the 'real' owner, to decrypt messages encrypted to
> that subkey?

As you correctly point out it's really not that relevant for encryption
subkeys. It does have security implementations for signing subkeys; see
[cross-certification section] for some details on that.

References:
[cross-certification section]
https://gnupg.org/faq/subkey-cross-certify.html

-- 

Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk

Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws





Re: PGP Key Poisoner

2019-08-13 Thread Werner Koch via Gnupg-users
On Tue, 13 Aug 2019 09:54, gnupg-users@gnupg.org said:

> The bug, however, is in the program that chokes on poisoned keys!

Nope.  This is a long standing DoS protection by limiting the total
length of a keyblock.  The diagnostics were a bit misleading, though.

The time it took to process all these signatures during importing is due
to a fix and out of order keyblock functions which has been enabled by
default in 2.1.  It should be obvious that checking several thousands of
signatures and finding the matching user-id takes its time.

Anyway, given that these keys are real the approach with 2.2.17 is to
auto-retry an import with import-clean etc. if the keyblock size hits
the size limit.  For keyserver imports import-clean is also the default.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
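
The keyblock size limit and the cost of checking thousands of signatures described above can be measured before an import. As an added example (not part of the original post and not GnuPG's code), the Python below walks the OpenPGP packet framing of a binary keyblock and counts self- and third-party signatures per user ID. The sample keyblock, the 64 KiB threshold and all function names are constructed for this illustration.

```python
"""Summarise a binary OpenPGP keyblock: total size and signatures per user ID."""
import hashlib
import struct

TAG_SIGNATURE, TAG_PUBKEY, TAG_USER_ID, TAG_SUBKEY = 2, 6, 13, 14
SIZE_LIMIT = 64 * 1024  # illustrative threshold for this example, not GnuPG's value

def read_packets(blob):
    """Yield (tag, body) for each packet in the keyblock (RFC 4880, section 4.2)."""
    pos = 0
    while pos < len(blob):
        try:
            first = blob[pos]
            if not first & 0x80:
                raise ValueError("bad packet header at offset %d" % pos)
            if first & 0x40:                        # new-format header
                tag, o1 = first & 0x3F, blob[pos + 1]
                if o1 < 192:
                    length, pos = o1, pos + 2
                elif o1 < 224:
                    length, pos = ((o1 - 192) << 8) + blob[pos + 2] + 192, pos + 3
                elif o1 == 255:
                    length, pos = struct.unpack(">I", blob[pos + 2:pos + 6])[0], pos + 6
                else:
                    raise ValueError("partial body length in key material")
            else:                                   # old-format header
                tag, size = (first >> 2) & 0x0F, {0: 1, 1: 2, 2: 4}.get(first & 3)
                if size is None:
                    raise ValueError("indeterminate packet length")
                length = int.from_bytes(blob[pos + 1:pos + 1 + size], "big")
                pos += 1 + size
        except (IndexError, struct.error):
            raise ValueError("truncated packet header") from None
        if pos + length > len(blob):
            raise ValueError("truncated packet body")
        yield tag, blob[pos:pos + length]
        pos += length

def key_id(pubkey_body):
    """Key ID of a v4 key: low 64 bits of its SHA-1 fingerprint (RFC 4880, 12.2)."""
    framed = b"\x99" + struct.pack(">H", len(pubkey_body)) + pubkey_body
    return hashlib.sha1(framed).digest()[-8:]

def issuer_key_id(sig):
    """Issuer key ID (subpacket type 16) of a v4 signature body, else None."""
    try:
        if sig[0] != 4:
            return None
        pos = 4                                     # version, sig type, pk algo, hash algo
        for _ in range(2):                          # hashed area, then unhashed area
            end = pos + 2 + struct.unpack(">H", sig[pos:pos + 2])[0]
            pos += 2
            while pos < end:
                n = sig[pos]
                if n < 192:
                    length, pos = n, pos + 1
                elif n < 255:
                    length, pos = ((n - 192) << 8) + sig[pos + 1] + 192, pos + 2
                else:
                    length, pos = struct.unpack(">I", sig[pos + 1:pos + 5])[0], pos + 5
                if length == 9 and sig[pos] & 0x7F == 16:
                    return sig[pos + 1:pos + 9]
                pos += length                       # length includes the type octet
            pos = end
    except (IndexError, struct.error):
        pass
    return None

def summarize(blob, max_bytes=SIZE_LIMIT):
    """Count self- and third-party signatures per user ID and flag an oversized block."""
    report = {"bytes": len(blob), "oversized": len(blob) > max_bytes, "uids": []}
    primary = current = None
    for tag, body in read_packets(blob):
        if tag == TAG_PUBKEY:
            primary = key_id(body)
        elif tag == TAG_USER_ID:
            current = {"uid": body.decode("utf-8", "replace"), "self": 0, "third_party": 0}
            report["uids"].append(current)
        elif tag == TAG_SUBKEY:
            current = None                          # later signatures bind subkeys
        elif tag == TAG_SIGNATURE and current is not None:
            current["self" if issuer_key_id(body) == primary else "third_party"] += 1
    return report

# Constructed sample data: the framing is valid, key material and signatures are junk.
def packet(tag, body):
    head = bytes([len(body)]) if len(body) < 192 else b"\xff" + struct.pack(">I", len(body))
    return bytes([0xC0 | tag]) + head + body
def fake_sig(issuer):
    unhashed = bytes([9, 16]) + issuer              # a single issuer subpacket
    return bytes([4, 0x10, 1, 8, 0, 0]) + struct.pack(">H", len(unhashed)) + unhashed + b"\0\0"
def build_sample(extra_sigs):
    key = b"\x04\x00\x00\x00\x00\x16constructed-key-material"
    parts = [bytes([0x98, len(key)]) + key, packet(TAG_USER_ID, b"Alice Example <alice@example.org>"),
             packet(TAG_SIGNATURE, fake_sig(key_id(key)))]
    parts += [packet(TAG_SIGNATURE, fake_sig(struct.pack(">Q", i + 1))) for i in range(extra_sigs)]
    return b"".join(parts)

if __name__ == "__main__":
    print(summarize(build_sample(0)), summarize(build_sample(3000)), sep="\n")
```

A large third-party count on a single user ID is the pattern that the import-clean retry mentioned above is meant to strip down.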




Re: PGP Key Poisoner

2019-08-13 Thread David
On 12/08/2019 15:47, Ralph Seichter wrote:
> * da...@gbenet.com:
> 
>> putting this code on Github whilst demonstrating a point - was foolish
> 
> No, it was not. Foolish would be to pretend the conceptual flaw does not
> exist, cover your ears with your hands and go "la la la".
> 
>> To say that this was in practice and common knowledge for years - it's
>> new to me and many thousands of pgp users.
> 
> Are you suggesting that people "in the know" should let people with a
> potentially harmful lack of knowledge stay blissfully unaware? What good
> would that do?
> 
>> People Should Not Be Afraid Of Their Government - Their Government
>> Should Be Afraid Of The People - When Injustice Becomes Law, REBELLION
>> Becomes A DUTY! Join the Rebellion Today! The "Captain's B(L)og"
> 
> I think that, in light of your message, is quite a ridiculous signature.
> https://gbenet.com advertises itself as a "Capitalist Free Website For
> Free Thinkers!" stating "I have no ''beliefs'' no secret agenda's [sic] -
> other than to bring you knowledge which you may not be aware of". Well,
> some knowledge was brought to you via GitHub, so enjoy. :-)
> 
> -Ralph
> 
Thank you Ralph,

David


-- 
People Should Not Be Afraid Of Their Government - Their Government
Should Be Afraid Of The People - When Injustice Becomes Law, REBELLION
Becomes A DUTY! Join the Rebellion Today! The "Captain's B(L)og"
https://gbenet.com





Re: PGP Key Poisoner

2019-08-13 Thread Alessandro Vesely via Gnupg-users
On Mon 12/Aug/2019 19:27:49 +0200 Peter Lebbing wrote:
> On 12/08/2019 18:39, Stefan Claas via Gnupg-users wrote:
>> Why was it then not fixed a decade ago, like it was done with 2.2.17?
> 
> There is no fix for the SKS keyserver network, which explains why it
> wasn't fixed in 2.2.17 either. In fact, fixes have been deployed over
> the last several years. DANE, WKD, Autocrypt, work on
> keys.openpgp.org...


This and John Z mentioning OCaml seem to point a finger in the wrong
direction.  The key poisoner shows that 20 signatures can be
handled in a few seconds (I didn't try, I trust the author).  More
than a reasonable number of signatures makes no sense in practice, so
I agree lists should somehow be "fixed" so as not to accept an
unreasonable number of signatures (reasonable == 2??)

The bug, however, is in the program that chokes on poisoned keys!

Was that fixed, yet?


Best
Ale





Re: PGP Key Poisoner

2019-08-12 Thread Robert J. Hansen
> I don't want to warm-up this topic again, but... didn't Robert say in his
> github gist that the issue was known for more than a decade?

I did.  Much closer to two decades than one.  I remember talking about
it with Randy Harmon of PGP Security in 2000.

> Why was it then not fixed a decade ago, like it was done with 2.2.17?

Re-read my Gist, please.  It's all in there.



Re: PGP Key Poisoner

2019-08-12 Thread U'll Be King Of The Stars



On 12 August 2019 18:27:49 BST, Peter Lebbing  wrote:
>On 12/08/2019 18:39, Stefan Claas via Gnupg-users wrote:
>> Why was it then not fixed a decade ago, like it was done with 2.2.17?
>
>There is no fix for the SKS keyserver network, which explains why it
>wasn't fixed in 2.2.17 either. In fact, fixes have been deployed over
>the last several years. DANE, WKD, Autocrypt, work on
>keys.openpgp.org...

I still contend that a large subset of the most harmful factors in all of this 
are those awful GnuPG beginners tutorials that encourage the inexperienced new 
user to upload their new keys to keyservers.

I would love to fix this problem from this perspective.  Before too long I 
would like to determine if I can schedule time to work on it.  It's an 
important thing for an important project that I just happen to be particularly 
interested in.

>I thought this (there is no fix) was pretty solidly established by now
>on this mailing list and elsewhere?

The things I missed are:

- how to check and clean a user's local keyring

- how to update the user's local configuration in ~/.gnupg

Andrew



Re: PGP Key Poisoner

2019-08-12 Thread Stefan Claas via Gnupg-users
Peter Lebbing wrote:

> On 12/08/2019 18:39, Stefan Claas via Gnupg-users wrote:
> > Why was it then not fixed a decade ago, like it was done with 2.2.17?
> 
> There is no fix for the SKS keyserver network, which explains why it
> wasn't fixed in 2.2.17 either. In fact, fixes have been deployed over
> the last several years. DANE, WKD, Autocrypt, work on
> keys.openpgp.org...
> 
> I thought this (there is no fix) was pretty solidly established by now
> on this mailing list and elsewhere?
> 
> Peter.

Yes, but still I don't understand the attitude of the SKS operators.

People know there that there are issues for a decade with the software running
on their servers and they don't understand the codebase to fix issues.

And when things later happen, like recently, they still run their servers.

I wonder why those SKS key servers are so important to be still in service as
of today since we have WKD, Hagrid, keybase, Mailvelope Key Server and Facebook?

Regards
Stefan

-- 
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)



Re: PGP Key Poisoner

2019-08-12 Thread John Z.
> I don't want to warm-up this topic again, but... didn't Robert say in his
> github gist that the issue was known for more than a decade?
>
> Why was it then not fixed a decade ago, like it was done with 2.2.17?

The link in the github document, points to another link which explains
that the code is difficult to work with, and -iirc- is written in OCaml
as a Ph.D. thesis.
I stand corrected, if I'm wrong.


-- 
"That gum you like is going to come back in style."



Re: PGP Key Poisoner

2019-08-12 Thread U'll Be King of the Stars

On 12/08/2019 16:44, Ryan McGinnis via Gnupg-users wrote:
> Yes, ironically, this proof of concept is the responsible way to
> demonstrate the issue (after a sufficient waiting period following a
> private disclosure to the developers)

I don't understand how this is irony.  I must have missed something.

Are you suggesting that because the entire community have known about 
this for a long time and did nothing, then the problem has effectively 
been disclosed already?  Therefore something should have been done long 
ago and because it wasn't, exploiting the defect like this should not be
something to complain about?


Andrew
--
OpenPGP key: EB28 0338 28B7 19DA DAB0  B193 D21D 996E 883B E5B9



Re: PGP Key Poisoner

2019-08-12 Thread Peter Lebbing
On 12/08/2019 18:39, Stefan Claas via Gnupg-users wrote:
> Why was it then not fixed a decade ago, like it was done with 2.2.17?

There is no fix for the SKS keyserver network, which explains why it
wasn't fixed in 2.2.17 either. In fact, fixes have been deployed over
the last several years. DANE, WKD, Autocrypt, work on
keys.openpgp.org...

I thought this (there is no fix) was pretty solidly established by now
on this mailing list and elsewhere?

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"

2019-08-12 Thread vedaal via Gnupg-users



On 8/12/2019 at 7:28 AM, "Juergen Bruckner via Gnupg-users" 
 wrote:

>Am 11.08.19 um 23:47 schrieb Anonymous Remailer (austria):
>> 
>> https://github.com/skeeto/pgp-poisoner

=
Here is a quote from the above site:

=[ begin quoted material ]=

As far as keyserver weaknesses go, key poisoning attacks are really just 
scratching the surface. 
For example, did you know other people can bind your subkeys to their primary 
key?

=[ end quoted material ]=

Can this really be done?

(Does not matter so much to me personally, as I grew up with v3 keys, 
and even when using a V4 key, I don't generate a subkey, 
but allow all the functions (sign, encrypt, certify) to be done with the master
key).

Does matter a lot if I can't trust the subkey of someone whom I want to encrypt 
to.

How real is this threat, and is it any threat at all, 
if simply binding the subkey to a different master key, 
won't allow for anyone else other than the 'real' owner, to decrypt messages 
encrypted to that subkey?

TIA

vedaal




Re: PGP Key Poisoner

2019-08-12 Thread Stefan Claas via Gnupg-users
Ryan McGinnis via Gnupg-users wrote:

> Yes, ironically, this proof of concept is the responsible way to demonstrate
> the issue (after a sufficient waiting period following a private disclosure
> to the developers), rather than, say, demonstrating the issue by spitefully
> poisoning the keys of a few prominent people in the GPG community.   The “if
> nobody talks about it and it remains obscure then it is not an issue” is
> something you would expect from a Mickey Mouse outfit that has no real
> understanding of security, not from a software development community that is
> essentially creating platforms focused on gold-standard security applications
> that underpin a lot of development infrastructure.  
> 
> Just my two cents *ploink ploink*

I don't want to warm-up this topic again, but... didn't Robert say in his
github gist that the issue was known for more than a decade?

Why was it then not fixed a decade ago, like it was done with 2.2.17?

Regards
Stefan
-- 
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)



Re: PGP Key Poisoner

2019-08-12 Thread Stefan Claas via Gnupg-users
Ryan McGinnis via Gnupg-users wrote:

[snip]

Not to be off-topic but I wonder why your message, when reading it
in my MUA, displays this in the message body:

Never seen this before on the ML.

c"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="publicKey - r...@digicana.com -
5c738727ee58786a777c4f1db5aa3fa3486ed7ad.as= c"


[signature.asc  application/pgp-signature (839 Bytes)]

Regards
Stefan 

-- 
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)



Re: PGP Key Poisoner

2019-08-12 Thread Ryan McGinnis via Gnupg-users
Yes, ironically, this proof of concept is the responsible way to demonstrate
the issue (after a sufficient waiting period following a private disclosure
to the developers), rather than, say, demonstrating the issue by spitefully
poisoning the keys of a few prominent people in the GPG community. The “if
nobody talks about it and it remains obscure then it is not an issue” is
something you would expect from a Mickey Mouse outfit that has no real
understanding of security, not from a software development community that is
essentially creating platforms focused on gold-standard security applications
that underpin a lot of development infrastructure.

Just my two cents *ploink ploink*

-Ryan McGinnis
https://bigstormpicture.com
https://keybase.io/digicana
Sent via ProtonMail

On Mon, Aug 12, 2019 at 09:54, Stefan Claas  wrote:

> Juergen Bruckner via Gnupg-users wrote:
>
> > That's pretty interesting, but the author also says he did this as showcase.
> > Nonetheless, it's not really good to have such a tool "in the wild", and
> > even on a platform like GitHub
>
> AFAIK it is common practice to publish PoCs to help program authors to improve
> or quickly fix their open source security software. Otherwise long standing
> issues may have been never fixed.
>
> Regards
> Stefan
>
> --
> box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
> GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)



Re: PGP Key Poisoner

2019-08-12 Thread Stefan Claas
Juergen Bruckner via Gnupg-users wrote:

> That's pretty interesting, but the author also says he did this as showcase.
> Nonetheless, it's not really good to have such a tool "in the wild", and
> even on a platform like GitHub

AFAIK it is common practice to publish PoCs to help program authors to improve
or quickly fix their open source security software. Otherwise long standing
issues may have been never fixed.

Regards
Stefan

-- 
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
GPG: C93E252DFB3B4DB7EAEB846AD8D464B35E12AB77 (avail. on Hagrid, WKD)



Re: PGP Key Poisoner

2019-08-12 Thread Ralph Seichter
* da...@gbenet.com:

> putting this code on Github whilst demonstrating a point - was foolish

No, it was not. Foolish would be to pretend the conceptual flaw does not
exist, cover your ears with your hands and go "la la la".

> To say that this was in practice and common knowledge for years - it's
> new to me and many thousands of pgp users.

Are you suggesting that people "in the know" should let people with a
potentially harmful lack of knowledge stay blissfully unaware? What good
would that do?

> People Should Not Be Afraid Of Their Government - Their Government
> Should Be Afraid Of The People - When Injustice Becomes Law, REBELLION
> Becomes A DUTY! Join the Rebellion Today! The "Captain's B(L)og"

I think that, in light of your message, is quite a ridiculous signature.
https://gbenet.com advertises itself as a "Capitalist Free Website For
Free Thinkers!" stating "I have no ''beliefs'' no secret agenda's [sic] -
other than to bring you knowledge which you may not be aware of". Well,
some knowledge was brought to you via GitHub, so enjoy. :-)

-Ralph



Re: PGP Key Poisoner

2019-08-12 Thread Mauricio Tavares via Gnupg-users
On Mon, Aug 12, 2019 at 8:10 AM David  wrote:
>
> On 12/08/2019 12:25, Juergen Bruckner via Gnupg-users wrote:
> > That's pretty interesting, but the author also says he did this as showcase.
> > Nonetheless, it's not really good to have such a tool "in the wild", and
> > even on a platform like GitHub
> >
> > regards
> > Juergen
> >
> > Am 11.08.19 um 23:47 schrieb Anonymous Remailer (austria):
> >>
> >> https://github.com/skeeto/pgp-poisoner
> >>
> To be frank - putting this code on Github whilst demonstrating a point -
> was foolish - it puts the code out into the wild - and some silly smart
> arse is going to play.
>
> It also begs the question - who did the attacks on SKS keyservers? "I
> have katana and I just wanted to demonstrate cutting people's heads off
> because I can." But am not going to accept the responsibility and be
> accountable for my actions. Such a position is untenable in Law and in
> ethics.
>
> There are hundreds of thousands of people globally who are employed paid
> by their respective intelligence agencies to write malicious code. They
> hide behind the fact that they are paid - it's just a day-time 9 to 5
> job - and have no sense of responsibility or accountability working in
> contravention of their own countries' laws.
>
> Now you have put the code into the public domain - to prove a point? The
> justification and points hardly support an ethical just standpoint. To
> say that this was in practice and common knowledge for years - it's new
> to me and many thousands of pgp users. Many thousands of people got
> infected - and had no thought to back up their key rings and have to
> start all over again.
>
  I take you are against CVE lists.


> Just because one can develop a nuclear bomb - it proves real stupidity
> to drop it on an unsuspecting public.
>
> Be Happy!
>
> David
>
> --
> People Should Not Be Afraid Of Their Government - Their Government
> Should Be Afraid Of The People - When Injustice Becomes Law, REBELLION
> Becomes A DUTY! Join the Rebellion Today! The "Captain's B(L)og"
> https://gbenet.com
>


Re: PGP Key Poisoner

2019-08-12 Thread Vincent Breitmoser via Gnupg-users


> To be frank - putting this code on Github whilst demonstrating a point -
> was foolish

No it's not. It is the basis of cryptography.
See also: https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle

> Now you have put the code into the public domain - to prove a point?

Yes. And that point is that some of our security was built on obscurity.
See also: https://en.wikipedia.org/wiki/Shooting_the_messenger

 - V




Re: PGP Key Poisoner

2019-08-12 Thread David
On 12/08/2019 12:25, Juergen Bruckner via Gnupg-users wrote:
> That's pretty interesting, but the author also says he did this as showcase.
> Nonetheless, it's not really good to have such a tool "in the wild", and
> even on a platform like GitHub
> 
> regards
> Juergen
> 
> Am 11.08.19 um 23:47 schrieb Anonymous Remailer (austria):
>>
>> https://github.com/skeeto/pgp-poisoner
>>
To be frank - putting this code on Github whilst demonstrating a point -
was foolish - it puts the code out into the wild - and some silly smart
arse is going to play.

It also begs the question - who did the attacks on SKS keyservers? "I
have katana and I just wanted to demonstrate cutting people's heads off
because I can." But am not going to accept the responsibility and be
accountable for my actions. Such a position is untenable in Law and in
ethics.

There are hundreds of thousands of people globally who are employed paid
by their respective intelligence agencies to write malicious code. They
hide behind the fact that they are paid - it's just a day-time 9 to 5
job - and have no sense of responsibility or accountability working in
contravention of their own countries' laws.

Now you have put the code into the public domain - to prove a point? The
justification and points hardly support an ethical just standpoint. To
say that this was in practice and common knowledge for years - it's new
to me and many thousands of pgp users. Many thousands of people got
infected - and had no thought to back up their key rings and have to
start all over again.

Just because one can develop a nuclear bomb - it proves real stupidity
to drop it on an unsuspecting public.

Be Happy!

David

-- 
People Should Not Be Afraid Of Their Government - Their Government
Should Be Afraid Of The People - When Injustice Becomes Law, REBELLION
Becomes A DUTY! Join the Rebellion Today! The "Captain's B(L)og"
https://gbenet.com





Re: PGP Key Poisoner

2019-08-12 Thread Playfair via Gnupg-users
Juergen Bruckner via Gnupg-users wrote:
> That's pretty interesting, but the author also says he did this as showcase.
> Nonetheless, it's not really good to have such a tool "in the wild", and
> even on a platform like GitHub

A tool like this has been in the wild for several weeks.  As skeeto says
"Further, this attack has been known for years, and in 2019 it's been
used against real keys on keyservers. This tool is nothing new and does
not create any new capabilities. It's merely proof that such attacks are
very easy to pull off. It doesn't take a nation-state actor to break the
PGP ecosystem, just one person and couple evenings studying RFC 4880.
This system is not robust."

One wonders why an attack that's been known for years is only being
addressed now that it has been used.

> Am 11.08.19 um 23:47 schrieb Anonymous Remailer (austria):
>>
>> https://github.com/skeeto/pgp-poisoner
>>





Re: PGP Key Poisoner

2019-08-12 Thread Juergen Bruckner via Gnupg-users
That's pretty interesting, but the author also says he did this as showcase.
Nonetheless, it's not really good to have such a tool "in the wild", and
even on a platform like GitHub

regards
Juergen

Am 11.08.19 um 23:47 schrieb Anonymous Remailer (austria):
> 
> https://github.com/skeeto/pgp-poisoner
> 

-- 
Juergen M. Bruckner
juer...@bruckner.tk





PGP Key Poisoner

2019-08-12 Thread Anonymous Remailer (austria)


https://github.com/skeeto/pgp-poisoner



How to complete the public PGP key application

2017-09-19 Thread Steven
Hi Sir

We are based on the "HDCP Signing Facility User's Guide" to apply public PGP
key, but we could not find out like gpg.exe from the directory.

Could you help to ask any of shortcut to complete the public PGP key
application? Thanks!

Steven Tao
Jetway Information Co., Ltd.
TEL: +886-2-89132711 EXT 111
FAX: +886-2-89132722
Website: www.jetwayipc.com



Newbie Q, simple shared-use single-address email workflow with pgp key (small company or small # of people in a group)

2014-05-06 Thread subscriber name
Newbie Q, simple shared-use single-address email workflow with pgp key
(small company or small # of people in a group)

Good day pgp/gnupg participants. I am looking for answers to maybe a common
setup of email on a single email address, residing on a single but shared
machine (windows), that is being operated by a smallish group of multiple
people (e.g. small group, foundation, company, business), that needs to do
secured emails to and from the outside world (e.g. mailing privacy sensitive
emails, documents).

Was thinking about using Thunderbird on Windows with GnuPG extension for it
(enigmail).
How would I create the private key and key-ring, also to protect it
somewhat from being spread to the outside by mostly unknowing mis-use of
the windows machine or by accident of the non-tech savvy users of that
machine and so on? Basic task is that the single email address needs to be
able to send and receive encrypted emails. As most of the world out there
are familiar with emails and email addresses, using a pgp public key with
the currently still low number of other email partners of this address
would be a way to master this task?

Any hints on securing or handling the private key (keyring) and other hints
to this setup and scenario? Omitting the passphrase altogether? Any way of
making it easy for the windows machine's users to not mess too much with
the pgp level of things there? Can the enigmail layer be simplified to
really easy levels as to simple buttons if to encrypt or not to encrypt the
email and similar? I guess there is no simple solution in dealing with all
those public keys of the remote senders and recipients though.

Thanks for some hints and experience.


Newbie Q, simple shared-use single-address email workflow with pgp key (small company or small # of people in a group)

2014-05-05 Thread sngh
Newbie Q, simple shared-use single-address email workflow with pgp key
(small company or small # of people in a group)

Good day pgp/gnupg participants. I am looking for answers to maybe a common
setup of email on a single email address, residing on a single but shared
machine (windows), that is being operated by a smallish group of multiple
people (e.g. small group, foundation, company, business), that needs to do
secured emails to and from the outside world (e.g. mailing privacy sensitive
emails, documents).

Was thinking about using Thunderbird on Windows with GnuPG extension for it
(enigmail).
How would I create the private key and key-ring, also to protect it
somewhat from being spread to the outside by mostly unknowing mis-use of
the windows machine or by accident of the non-tech savvy users of that
machine and so on? Basic task is that the single email address needs to be
able to send and receive encrypted emails. As most of the world out there
are familiar with emails and email addresses, using a pgp public key with
the currently still low number of other email partners of this address
would be a way to master this task?

Any hints on securing or handling the private key (keyring) and other hints
to this setup and scenario? Omitting the passphrase altogether? Any way of
making it easy for the windows machine's users to not mess too much with
the pgp level of things there? Can the enigmail layer be simplified to
really easy levels as to simple buttons if to encrypt or not to encrypt the
email and similar? I guess there is no simple solution in dealing with all
those public keys of the remote senders and recipients though.

Thanks for some hints and experience.


Re: pgp key servers cors support

2014-04-20 Thread Kristian Fiskerstrand

On 04/19/2014 11:40 PM, t...@piratemail.se wrote:
> 
> 
> Greetings,
> 
> I believe I asked a pgp key server http interface question on this 
> list a while ago, and received a useful response.
> 
> I also wrote to bug-pks@mit.edu with the request below.. With no 
> response.

For questions regarding keyservers, sks-devel[0] is probably your best
bet..

> 
> 
> 
> Is there any way that the http pgp key servers could be changed to 
> provide cors headers allowing access from any site? This could
> also be done through some proxy server (njinx?) which accepts,
> forwards and then concatenates cors headers to the response.

This is already included in the SKS trunk as of commit [1] for an
upcoming 1.1.5 release. Once that is released
subset.pool.sks-keyservers.net[2] will be bumped to this as a min
requirement and can be used for your purposes.


> 
> I realize this is not the pgp keyserver mailing list. But I figure 
> the developers of that server also reside in this list -- and I'm
> not sure exactly which list is the right list to post to.
> 

References
[0] http://lists.nongnu.org/archive/html/sks-devel/
[1]
https://bitbucket.org/skskeyserver/sks-keyserver/commits/f6e4e88a049a3497cc17b0ad15530782d78bc59f?at=default
[2] https://sks-keyservers.net/overview-of-pools.php#pool_subset

-- 
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
"I have always wished that my computer would be as easy to use as my
telephone.
My wish has come true -- I no longer know how to use my telephone"
(Bjarne Stroustrup, April 1999)


pgp key servers cors support

2014-04-19 Thread tim


Greetings,

I believe I asked a pgp key server http interface question on this list a while 
ago, and received a useful response.

I also wrote to bug-pks@mit.edu with the request below.. With no response.



Is there any way that the http pgp key servers could be changed to provide cors 
headers allowing access from any site? This could also be done through some 
proxy server (njinx?) which accepts, forwards and then concatenates cors 
headers to the response.



The reason is to enable sites' clients such as the one I'm developing, to hit a 
random assortment of pgp keyservers without proxying through my server. 
(although proxying through my server is fine, it would be better, I think, to 
talk directly to those pgp keyservers).



I realize this is not the pgp keyserver mailing list. But I figure the 
developers of that server also reside in this list -- and I'm not sure exactly 
which list is the right list to post to.

http://www.alt.org/pipermail/pgp-keyserver-folk/ 404s



-tim





Re: Pgp key

2013-09-15 Thread Mike Acker
On 09/15/2013 12:54 PM, Jack Szary wrote:
> I have someone's PGP key and he said to use that to send him information, how 
> do I use his key to send him a message?
>
first off, are you Windows or Linux ? In Linux you should have GPG
installed by default; in Windows you will need to go download gpg4win
and install it

once you have gpg in your system then get the Thunderbird e/mail
client.  again, in Linux (Ubuntu, or Mint at least ) -- Thunderbird will
already be present.   In Windows, you have to go download it and install it.

setup and test your e/mail account.   add your buddy to your address book

Next you need to add the ENIGMAIL plug-in to Thunderbird .   In
Linux/Mint(15) I had to download the plug-in and install it manually;
Windows or Ubuntu installed from the get -add-ons menu

Next you need to generate a key-pair .  use the KeyManagement option of
Thunderbird from the OpenPGP drop-down

Next you need to use key-management from Thunderbird to import the key
that your buddy sent you

now you can send a message to your buddy.   after you have the message
ready click the OpenPGP pull-down and check encrypt,sign,use pgp-mime,
and ignore recipient rules

the e/mail address you send to needs to match the e/mail address he has
on his key




Re: Pgp key

2013-09-15 Thread Pete Stephenson
On Sun, Sep 15, 2013 at 6:54 PM, Jack Szary  wrote:
> I have someone's PGP key and he said to use that to send him information, how 
> do I use his key to send him a message?

Hi Jack,

Do you have GnuPG (or some other OpenPGP-compatible software) installed?

If so, do you already have your own PGP key?

Cheers!
-Pete

-- 
Pete Stephenson



Pgp key

2013-09-15 Thread Jack Szary
I have someone's PGP key and he said to use that to send him information, how 
do I use his key to send him a message?


Re: SSH key and PGP key

2012-11-07 Thread Jeroen Budts
On 11/07/2012 05:48 PM, Connie Rodriguez wrote:
> Any help is appreciated!  My knowledge is very limited on
> encryption/decryption.  I understand the concept but that is just about it!
> 
> I currently have gpg installed on our unix system.  I have been asked to
> provide a SSH key and GPG key that will expire annually to our bank
> vendor.  In the beginning I had set our key to not expire when I first
> set it up..can I change this?  Also, how do I create and export  a ssh
> key? 
> 
> Thanks for any help someone can provide
> 
To change the expiration date of your key you can do the following:
(where $KEYID is the id of your key)
gpg --edit-key $KEYID
Then type 'expire' and press enter
type '1y', to make it valid for one year, and press enter
Then type 'save' and enter again. That should do it.

To use your GPG key for SSH authentication, i'll point you to my blog
post about it:
http://budts.be/weblog/2012/08/ssh-authentication-with-your-pgp-key
It contains a few methods on how to achieve this.

Hope this helps,
Jeroen

-- 
website: http://budts.be/ - twitter: @teranex
___
Registered Linux User #482240 - GetFirefox.com - ubuntu.com
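
An added example, not part of Jeroen's post or of GnuPG: a shell check over `gpg --list-keys --with-colons` output that flags keys breaking an annual-expiry requirement like the one in this thread. The sample listing is constructed (not real keys), and the script assumes expiration times appear as epoch seconds in field 7.

```shell
#!/bin/sh
# Audit colon-format key listings against an "expires within N days" policy
# (N = 365 for an annual-rotation requirement).
#
# Real use (assumes gpg is installed):
#   gpg --list-keys --with-colons --fixed-list-mode | audit_expiry "$(date +%s)" 365

# Constructed sample, not real keys. Colon-format fields used here:
#   1 = record type (pub/sub/uid), 5 = key ID,
#   6 = creation time, 7 = expiration time (empty means "never").
sample_listing() {
cat <<'EOF'
pub:u:2048:1:1111111111111111:1352246400:::u:::scESC:
uid:u::::1352246400::0000000000000000000000000000000000000000::Constructed Example <nobody@example.org>:
sub:u:2048:1:2222222222222222:1352246400::::::e:
pub:u:2048:1:3333333333333333:1352246400:1383782400::u:::scESC:
sub:u:2048:1:4444444444444444:1352246400:1383782400:::::e:
pub:e:2048:1:5555555555555555:1300000000:1331536000::u:::sc:
EOF
}

# usage: audit_expiry NOW_EPOCH MAX_DAYS < colon-listing
# Prints one line per primary key or subkey: "<type> <keyid> <verdict>".
audit_expiry() {
    awk -F: -v now="$1" -v max_days="$2" '
        $1 != "pub" && $1 != "sub" { next }     # skip uid, fpr, etc.
        {
            expires = $7
            if (expires == "")
                verdict = "NO-EXPIRY"           # never expires
            else if (expires !~ /^[0-9]+$/)
                verdict = "UNPARSED"            # not epoch seconds
            else if (expires + 0 <= now + 0)
                verdict = "EXPIRED"
            else if (expires - now > max_days * 86400)
                verdict = "TOO-LONG"            # expiry beyond the policy window
            else
                verdict = "OK"
            printf "%s %s %s\n", $1, $5, verdict
        }'
}

# Only the records that need attention.
policy_violations() {
    audit_expiry "$1" "$2" | awk '$3 != "OK"'
}

# Demo on the constructed listing, with "now" fixed so the result is stable.
sample_listing | audit_expiry 1352332800 365
```

Subkeys are reported separately because the `expire` command in `--edit-key` acts on the primary key unless a subkey is selected first.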






Re: SSH key and PGP key

2012-11-07 Thread Hauke Laging
On Wed 07.11.2012, 16:48:41, Connie Rodriguez wrote:

>  In the beginning I had set our key to not expire when I first set it
> up..can I change this?

--edit-key expire


> Also, how do I create and export  a ssh key?

SSH-Keys do not expire AFAIK. You can use OpenPGP-Keys (with authentication
capability) if you use gpg-agent as replacement for ssh-agent. Without a
smartcard this is not easy (unless you use gpg 2.1); you may have a look at
gpgkey2ssh and at monkeysphere.

If you do not want/need to use an OpenPGP key for SSH then you can create SSH
keys with ssh-keygen.


Hauke
--
☺
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)



SSH key and PGP key

2012-11-07 Thread Connie Rodriguez
Any help is appreciated!  My knowledge is very limited on 
encryption/decryption.  I understand the concept but that is just about it!

I currently have gpg installed on our unix system.  I have been asked to 
provide a SSH key and GPG key that will expire annually to our bank vendor.  In 
the beginning I had set our key to not expire when I first set it up..can I 
change this?  Also, how do I create and export  a ssh key?

Thanks for any help someone can provide

Connie Rodriguez
Enterprise Application Analyst
Children's Medical Center Dallas
1935 Medical District Drive
Dallas, TX 75235
(214)456-8480




Re: urgent: import public PGP Key which is my secret Key

2010-10-20 Thread J. Ottosson
On 20 Oct 2010 at 12:21, rakia ben sassi wrote:

> Hi,
> 
> I have an encrypted document (with my key) which I should decrypt.
> After the generation of my key (and saving it in my email as .asc file),
> my computer is formatted and new reinstalled. Now GnuPG find my key as
> public and I can't use it for decryption!
> 
> This key has 2 IDs; one is for a public key and the other is for the subkey
> which is secret. The document which I have is encrypted with the subkey.
> When I try a decryption, I receive: "gpg: secret key not available"
> 
> How can I import my own secret key?
> 
> Do you have a solution for me please? It's very important !!!
> 
> I'm using Ubuntu 10.4 and GnuPG.
> 
> 
> thanks for help!
> 

It indeed sound like you did an export of the public key only. In that case 
you're sort of f*cked.

However, there are at least theoretical chances of recovering your secret key, 
but somewhat slim. You could use a forensic tool such as EnCase to try to find 
the key (via the secret keyring) even after formatting the drive, should those 
sectors not be overwritten.

Since you most likely don't have that particular tool at hand you could 
probably find some other data recovery type of tool for that purpose. Use 
google. Some more capable tools may be offered with trial period perhaps.

EnCase could possibly be found at nasty pirate bay type of sites too, but 
obviously I wouldn't dream of suggesting such a thing to you.

But I'm quite sure there are some capable tools available the right way too, do 
a search. Possibly even some of the data recovery tools from Sandisk etc could 
be used if you're lucky.

The first thing to do though is to immediately stop using that disk, so that 
you're not writing over those sectors with new data. Chances are you already 
have done that, but if you're lucky..


/J
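
An added example, not part of J. Ottosson's reply: a shell check that reads an ASCII-armored `.asc` export and reports whether its first packet is a secret key (tag 5) or only a public key (tag 6), the distinction at issue in this thread. The sample blocks are constructed stubs rather than real keys, and `base64` and `od` are assumed to be available.

```shell
#!/bin/sh
# Classify an armored OpenPGP export by the tag of its first packet, so a
# backup can be confirmed to hold secret key material before the original
# machine is wiped. Packet tags (RFC 4880): 5 = secret key, 6 = public key.

# Print the tag of the first packet in the armored data on stdin.
first_packet_tag() {
    # Armor layout: BEGIN line, optional "Name: value" headers, a blank
    # line, base64 body, "=XXXX" checksum line, END line.
    first=$(awk '
        /^-----BEGIN PGP /         { in_block = 1; in_body = 0; next }
        in_block && !in_body       { if ($0 ~ /^[ \t\r]*$/) in_body = 1; next }
        in_body && /^(=|-----END)/ { exit }
        in_body                    { print; exit }   # first body line is enough
    ' | tr -d '\r')
    [ -n "$first" ] || return 1

    # The first 4 base64 characters decode to 3 bytes; byte 0 is the
    # packet header octet.
    byte=$(printf '%s' "$first" | cut -c1-4 | base64 -d 2>/dev/null \
           | od -An -tu1 -N1 | tr -d ' \n')
    [ -n "$byte" ] || return 1

    # Bit 7 (128) must be set in every packet header.
    if [ $((byte & 128)) -eq 0 ]; then return 1; fi
    if [ $((byte & 64)) -ne 0 ]; then
        echo $((byte & 63))              # new-format header: tag in bits 5-0
    else
        echo $(( (byte >> 2) & 15 ))     # old-format header: tag in bits 5-2
    fi
}

# Print a one-word verdict for the armored data on stdin.
classify_export() {
    tag=$(first_packet_tag) || { echo "not-openpgp-key"; return 0; }
    case "$tag" in
        5) echo "secret-key" ;;
        6) echo "public-key-only" ;;
        *) echo "other-packet-$tag" ;;
    esac
}

# Constructed stubs: only the first header octet is meaningful.
sample_public() {
cat <<'EOF'
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: constructed sample, not a real key

mQAA
=AAAA
-----END PGP PUBLIC KEY BLOCK-----
EOF
}

sample_secret() {
cat <<'EOF'
-----BEGIN PGP PRIVATE KEY BLOCK-----
Comment: constructed sample, not a real key

lQAA
=AAAA
-----END PGP PRIVATE KEY BLOCK-----
EOF
}

echo "public sample: $(sample_public | classify_export)"
echo "secret sample: $(sample_secret | classify_export)"
```

A `public-key-only` verdict on a file meant to be a full backup means the secret key was never exported into it.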





Re: urgent: import public PGP Key which is my secret Key

2010-10-20 Thread Laurent Jumet

Hello rakia !

rakia ben sassi  wrote:

> I have an encrypted document (with my key) which I should decrypt.
> After the generation of my key (and saving it in my email as .asc file), my
> computer is formatted and new reinstalled.
> Now GnuPG find my key as public and I can't use it for decryption!

> This key has 2 IDs; one is for a public key and the other is for the subkey
> which is secret.
> The document which I have is encrypted with the subkey.
> When I try a decryption, I receive: "gpg: secret key not available"

> How can I import my own secret key?

> Do you have a solution for me please? It's very important !!!

> I'm using Ubuntu 10.4 and GnuPG.

Did you save *both* secret and public keys?
What command did you use?

-- 
Laurent Jumet
  KeyID: 0xCFAF704C



urgent: import public PGP Key which is my secret Key

2010-10-20 Thread rakia ben sassi
Hi,

I have an encrypted document (with my key) which I should decrypt.
After the generation of my key (and saving it in my email as .asc file), my
computer is formatted and new reinstalled.
Now GnuPG find my key as public and I can't use it for decryption!

This key has 2 IDs; one is for a public key and the other is for the subkey
which is secret.
The document which I have is encrypted with the subkey.
When I try a decryption, I receive: "gpg: secret key not available"

How can I import my own secret key?

Do you have a solution for me please? It's very important !!!

I'm using Ubuntu 10.4 and GnuPG.


thanks for help!


FW: TALX PGP Key Expiration Notice for 07/28/2009

2009-06-18 Thread Krishnaswamy, Sambath
Hi,

We got new GPG key, We need to apply in Unix AIX server. I never done
before, Do we need to install "Cygwin" software?

Can you help me on this and how to test also. Please check below steps
is correct?

Installation steps

cd ~/.gnupg
gpg --import 
gpg --sign-key 
Command> trust
  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
Command> save

Regards,
Sam
Desk:   918-573-6631
Mobile: 386-631-8079
Email : samkr...@in.ibm.com
        sambath.krishnasw...@williams.com




From: Arjay, Terry 
Sent: Tuesday, June 16, 2009 8:13 AM
To: Krishnaswamy, Sambath 
Cc: Ligon, Teresa; Pandey, Omprakash
Subject: FW: TALX PGP Key Expiration Notice for 07/28/2009


Sam,

The TALX PGP Key expires periodically.  We have some time, but wanted to
get this on your radar so that you have plenty of time to do what is
necessary to comply and keep us current.

Thanks,

Terrance M. Arjay
IBM Global Services
PeopleSoft HRMS

Voice: 918-573-5214
Cell: 918-698-7480
E-mail: terry.ar...@williams.com  OR tmar...@us.ibm.com



From: TALX Operations Team [mailto:nore...@noreply.talx.com] 
Sent: Tuesday, June 16, 2009 5:17 AM
To: Arjay, Terry
Subject: TALX PGP Key Expiration Notice for 07/28/2009

 


 

Dear TALX Client,

Just a friendly reminder that the current TALX Corporation PGP Public key
will expire on 7/28/2009 and will no longer encrypt files after this date.
As part of TALX's security policy, PGP keys expire on a semi-annual basis to
better protect confidential data.

The new TALX public key is attached to this e-mail and is also available
at the following websites (The key is the same on each site):

http://www.talx.com/pgp/
http://www.theworknumber.com/pgp/
http://www.ucexpress.com/pgp/

Please begin using this new key on or before 7/28/2009.  Instructions for
downloading and using this key are at the end of this email.

The new TALX public key file name is talxcorp01312010Public.asc and is
scheduled to expire on 1/31/2010.  Approximately one month before the key
expiration we will provide a new public key for you to download.   We will
notify you via email once the new key is available in order for you to have
time to implement.

If you have any questions or concerns, please contact your Client
Relationship Manager (CRM).  Do not reply to this e-mail as it is being sent
from a "send-only" account that is not being monitored.

MORE PGP FILE ENCRYPTION INFORMATION

TALX requires using file-based encryption when transmitting over the
Internet. The encryption method is Pretty Good Privacy (PGP) version 6.5 or
greater by PGP Corporation (http://www.pgp.com/index.html).  This software is
downward compatible to all UNIX and Windows NT/2000/XP/Vista versions.

PGP works by using a PUBLIC key and a PRIVATE key.  The transmitter of data
encrypts the transmission file with the receiver's public key.  The only way
that this file can be unencrypted is when the right private key (which is
under security control by the TALX Dataload team) is then matched with the
encrypted file and the correct pass phrase is entered.

The key "talxcorp01312010Public.asc" is for PGP versions 6.5 and greater.
The key uses Diffie-Hellman/Digital Signal Standard encryption, with a 2048
bit Diffie-Hellman key size.  This new public key will expire on January 31,
2010. A new version of this key will be available for download within a month
of that date.

Along with encryption, PGP software also compresses the file to around 10
percent of the original size, greatly reducing transfer times.

The implementation procedure is as follows:

1. Client downloads the TALX public key from http://www.talx.com/pgp,
http://www.theworknumber.com/pgp/ or http://www.ucexpress.com/pgp/
(The key is the same at each URL) and save the key to a local drive by right
clicking on the hyperlink on the website and selecting "Save Target As."

2. Client imports public key with PGP software onto their PGP software
"keyring"

*   Open PGP keys 
*   Select Keys 
*   Select Import Key and find where you save

Re: Help Solicited to implement a new pgp key server

2009-04-14 Thread Werner Koch
On Tue, 14 Apr 2009 05:04, er.rahulkau...@gmail.com said:

> I went through the sks source code ( whatever available in link give by you.
> ). I tried understand that but it did not make sense to me.So please guide
> me in accomplishing this task.

If you don't know the OCaml language and don't want to look into it, I
suggest to look at the ONAK keyserver[1] which is written in plain C.


Shalom-Salam,

   Werner


[1] http://www.earth.li/projectpurple/progs/onak.html

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: Help Solicited to implement a new pgp key server

2009-04-14 Thread Robert J. Hansen
rahul kaushik wrote:
> I am still in dilemma . I would like to know what are the steps to be
> taken to write a pgp key server in C++ using.

Peter asked an excellent question: "Is there a reason why you can't use
any of the existing keyserver software?"

You may find it useful to try answering it.  You may learn that you
don't need to write one in the first place.





Re: Help Solicited to implement a new pgp key server

2009-04-14 Thread rahul kaushik

Hi Peter,

Thanks for your painstaking attention towards my problem.
I am still in dilemma . I would like to know what are the steps to be taken
to write a pgp key server
in C++ using. Recently i have used GNUPG for my application so have limited
knowledge for that.
I went through the sks source code ( whatever available in link give by you.
). I tried understand that but it did not make sense to me.So please guide
me in accomplishing this task.

It would be great if you could help me out.

Please reply me ASAP.

Regards,
Rahul Kaushik 

Peter Pentchev wrote:
> 
> On Wed, Apr 08, 2009 at 02:36:14AM -0700, rahul kaushik wrote:
>> 
>> I have  been asked  to support PGP for a application. the most likely
>> scenario would be to implement a key server that would allow customers to
>> manage their keys. This will of course come with some complications, in
>> terms of interface, provisioning and management.
>> 
>> Could anybody please help me out in knowing how can i write a server
>> using
>> unix c/C++.
>> 
>> If there is any document available on internet which can be helpful. It
>> would be great if you could 
>> please let me know.
> 
> Is there a reason why you can't use any of the existing keyserver
> software?
> 
> Avoided: http://www.mit.edu/people/marc/pks/
> Preferred: http://minskyprimus.net/sks/
> 
> If you need it in C/C++ for better integration with your application,
> that's another thing.  Still, even in that case, you might want to
> take a look at the SKS source to see how things are done.
> 
> G'luck,
> Peter
> 
> -- 
> Peter Pentchev  r...@ringlet.net  r...@space.bg  r...@freebsd.org
> PGP key:  http://people.FreeBSD.org/~roam/roam.key.asc
> Key fingerprint   FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
> I had to translate this sentence into English because I could not read the
> original Sanskrit.
> 
>  
> 
> 



Re: Help Solicited to implement a new pgp key server

2009-04-08 Thread Peter Pentchev
On Wed, Apr 08, 2009 at 02:36:14AM -0700, rahul kaushik wrote:
> 
> I have  been asked  to support PGP for a application. the most likely
> scenario would be to implement a key server that would allow customers to
> manage their keys. This will of course come with some complications, in
> terms of interface, provisioning and management.
> 
> Could anybody please help me out in knowing how can i write a server using
> unix c/C++.
> 
> If there is any document available on internet which can be helpful. It
> would be great if you could 
> please let me know.

Is there a reason why you can't use any of the existing keyserver
software?

Avoided: http://www.mit.edu/people/marc/pks/
Preferred: http://minskyprimus.net/sks/

If you need it in C/C++ for better integration with your application,
that's another thing.  Still, even in that case, you might want to
take a look at the SKS source to see how things are done.

G'luck,
Peter

-- 
Peter Pentchev  r...@ringlet.net  r...@space.bg  r...@freebsd.org
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
I had to translate this sentence into English because I could not read the 
original Sanskrit.




Re: Help Solicited to implement a new pgp key server

2009-04-08 Thread David Shaw

On Apr 8, 2009, at 5:36 AM, rahul kaushik wrote:



> I have  been asked  to support PGP for a application. the most likely
> scenario would be to implement a key server that would allow customers to
> manage their keys. This will of course come with some complications, in
> terms of interface, provisioning and management.
>
> Could anybody please help me out in knowing how can i write a server using
> unix c/C++.
>
> If there is any document available on internet which can be helpful. It
> would be great if you could
> please let me know.

My advice is to not reinvent the wheel unless you need something
substantially different from the two standard keyservers on the net:

1) SKS: http://www.nongnu.org/sks/

Main pro: Syncing with other keyservers
Main con: Client cannot manage keys beyond adding to them (i.e. no
deletes or replacements - you can only add new signatures/subkeys).

2) LDAP: (any LDAP server you have handy)

Main pro: Allows client to completely manage keys (i.e. deletes,
replacements work)
Main con: No syncing with other keyservers

David



Help Solicited to implement a new pgp key server

2009-04-08 Thread rahul kaushik

I have  been asked  to support PGP for a application. the most likely
scenario would be to implement a key server that would allow customers to
manage their keys. This will of course come with some complications, in
terms of interface, provisioning and management.

Could anybody please help me out in knowing how can i write a server using
unix c/C++.

If there is any document available on internet which can be helpful. It
would be great if you could 
please let me know.


Thanks in advance


Re: How to use the Apple Product Security PGP Key + Protecting Security Information ~~ F.Y.I.

2009-02-23 Thread Todd Zullinger
gerry_lowry (alliston ontario canada) wrote:
> The Internet took off when Microsoft, for better or worse, included
> and promoted Internet Explorer in Windows 95, thus beginning the so
> called browser wars.

That's quite arguable.  Why do you assume that MS introducing IE
*cause* the internet to take off instead of being their (delayed)
reaction to the internet taking off without them? :)

> I would be surprised and also happy to see Microsoft promote PGP/GPG
> technology.  I do not actually expect that to happen.  If it did, it
> would be good if Microsoft could stimulate PGP/GPG technology with
> more user friendliness since at the moment there's much to learn to
> understand and begin using PGP/GPG technology.

Not that I care whether MS uses, promotes, or maligns PGP/GnuPG, but:

https://www.microsoft.com/technet/security/bulletin/pgp.mspx

(Personally, I find that MS using PGP to sign their security notices
amusing.  That must be the most secure thing about their OS. :-)

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~
Truth is like a well-known whore.  Everybody knows her but it's
embarrassing to meet her in the street.
-- Wolfgang Borchert





Re: How to use the Apple Product Security PGP Key + Protecting Security Information ~~ F.Y.I.

2009-02-23 Thread Joseph Oreste Bruni


On Feb 23, 2009, at 8:49 AM, gerry_lowry (alliston ontario canada) wrote:

> http://support.apple.com/kb/HT1620
> How to use the Apple Product Security PGP Key
>
> http://www.apple.com/support/security/pgp/
> Protecting Security Information
>
> F.Y.I.:  I've not noticed anything similar from Microsoft and other
> software companies.
>
> Most seem to be happy with MD5 and SHA1 for files and nothing else.
>
> Also, Apple even provides links to PGP Corporation and GnuPG plus
> its key and key ID.
>
>   This is our PGP key which is valid until May 15, 2010
>   Key ID: 0x8A648901 Key Type: RSA Expires: 5/15/10 Key Size: 2048/2048
>   Fingerprint: 39EC C76A 3D62 7062 C321 10B2 7928 75E8 8A64 8901
>   UserID: Apple Product Security
>
> This from Apple is like an endorsement of PGP/GPG technology.

One of the bugs I filed with Apple is how their Product Security group
uses PGP signatures for the advisories, but their own Mail application
only supports S/MIME and certificates. This is fine, but I'd like to
see them be a bit consistent.







How to use the Apple Product Security PGP Key + Protecting Security Information ~~ F.Y.I.

2009-02-23 Thread gerry_lowry (alliston ontario canada)
http://support.apple.com/kb/HT1620
How to use the Apple Product Security PGP Key

http://www.apple.com/support/security/pgp/
Protecting Security Information

F.Y.I.:  I've not noticed anything similar from Microsoft and other software 
companies.

Most seem to be happy with MD5 and SHA1 for files and nothing else.

Also, Apple even provides links to PGP Corporation and GnuPG plus its key and 
key ID. 

   This is our PGP key which is valid until May 15, 2010
   Key ID: 0x8A648901 Key Type: RSA Expires: 5/15/10 Key Size: 2048/2048
   Fingerprint: 39EC C76A 3D62 7062 C321 10B2 7928 75E8 8A64 8901
   UserID: Apple Product Security 

This from Apple is like an endorsement of PGP/GPG technology.

So few people use PGP/GPG technology openly.

The Internet took off when Microsoft, for better or worse, included and promoted
Internet Explorer in Windows 95, thus beginning the so-called browser wars.

I would be surprised and also happy to see Microsoft promote PGP/GPG technology.
I do not actually expect that to happen.  If it did, it would be good if
Microsoft could stimulate PGP/GPG technology with more user friendliness, since
at the moment there's much to learn to understand and begin using PGP/GPG
technology.

Regards,
Gerry (Lowry)



Re: Importing old PGP key

2008-08-13 Thread vedaal
>Message: 6
>Date: Wed, 13 Aug 2008 11:54:18 +0200 (CEST)
>From: "Kiss Gabor (Bitman)" <[EMAIL PROTECTED]>
>Subject: Importing old PGP key

>I have the same problem as was answered by David Shaw in 2004:
>http://osdir.com/ml/gnu.gnupg.users/2004-06/msg00022.html
>(Converting a vry old PGP key (2.6.3ia) to GnuPG.)
>
>However the method he suggested does not work for me:
>
>
>$ gpg --s2k-cipher-algo cast5 --edit-key 0x5D144299
>gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc.
>This program comes with ABSOLUTELY NO WARRANTY.
>This is free software, and you are welcome to redistribute it
>under certain conditions. See the file COPYING for details.
>
>Secret key is available.
>
>pub   512R/5D144299  created: 1999-04-12  expires: never   usage: SCEA
> trust: unknown   validity: unknown
>[ unknown] (1). hun.admin.news
>
>Command> passwd
>Key is protected.
>gpg: protection algorithm 1 (IDEA) is not supported
>gpg: the IDEA cipher plugin is not present
>gpg: please see http://www.gnupg.org/faq/why-not-idea.html for more information
>Can't edit this key: unknown cipher algorithm
>
>Command>
>
>
>What should I do?


get the IDEA algorithm
ftp://ftp.gnupg.dk/pub/contrib-dk/ideadll.zip

unzip it, and save it to any folder
(for illustration, let's say it was saved as 'c:\gnupg\idea.dll')

add this line to your gpg.conf :
load-extension c:\gnupg\idea.dll

then follow David's suggestion

then consider following Robert's suggestion ;-)
(generate a new key,
and decrypt whatever files are encrypted to the old key, 
and re-encrypt them to the new key)

n.b.

if, for some reason, you still need to communicate
with die-hard pgp 2.x users,
(relax, i'm one of them ;-) )

then i suggest you generate a 2047 key in pgp 2.x
and re-import it to gnupg,
and use the option of --pgp2 whenever you need to communicate with
a pgp 2.x user

(some 'really early' versions of pgp 2.x
had a max of 2047, not 2048 ;-) ,
and current versions of gnupg won't let you generate a v3 key,
and even if you have an older version that does,
it's not such a simple procedure to generate a pgp 2.x compatible
one...)

otherwise,
just use the 'default' for gnupg key generation


vedaal




Re: [GnuPG-users] Importing old PGP key

2008-08-13 Thread Werner Koch
On Wed, 13 Aug 2008 16:09, [EMAIL PROTECTED] said:

> If I cannot do this myself in one hour, then I will figure out
> what the cost of changing the key is.

Use pgp to set the passphrase to empty, then export the secret key and
import it in gpg.  If you like, add a new passphrase using gpg --edit-key
and the passwd command.



Shalom-Salam,

   Werner

-- 
Linux-Kongress 2008 + Hamburg + October 7-10 + www.linux-kongress.org

   Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.




Re: [GnuPG-users] Importing old PGP key

2008-08-13 Thread Kiss Gabor (Bitman)
> I'd start by asking whether you really need that key.  512-bit RSA is
> nowhere near modern standards of sufficiency; it is quite likely that in
> just a few years such keys will be able to be broken by motivated high
> school students.

This key is to sign control messages of the hun.* newsgroups.
It is quite unlikely that someone wants to spend any time
breaking it. :-)
It is not worth doing.
However, administering and distributing a new key may be problematic.
I don't know yet how much.

> RSA-512 is grossly inadequate for essentially any serious cryptographic
> purpose.
> 
> If you absolutely _must_ have this key in GnuPG, well, we can help you
> do it.  But first ask yourself whether you should be migrating to 2kbit
> keys.  If so, then now is the ideal time to do it.

If I cannot do this myself in one hour, then I will figure out
what the cost of changing the key is.

Thanks for your advice.

Gabor


Re: Importing old PGP key

2008-08-13 Thread Robert J. Hansen
Kiss Gabor (Bitman) wrote:
> What should I do?

I'd start by asking whether you really need that key.  512-bit RSA is
nowhere near modern standards of sufficiency; it is quite likely that in
just a few years such keys will be able to be broken by motivated high
school students.

RSA-512 is grossly inadequate for essentially any serious cryptographic
purpose.

If you absolutely _must_ have this key in GnuPG, well, we can help you
do it.  But first ask yourself whether you should be migrating to 2kbit
keys.  If so, then now is the ideal time to do it.




Importing old PGP key

2008-08-13 Thread Kiss Gabor (Bitman)
I have the same problem as was answered by David Shaw in 2004:
http://osdir.com/ml/gnu.gnupg.users/2004-06/msg00022.html
(Converting a vry old PGP key (2.6.3ia) to GnuPG.)

However the method he suggested does not work for me:


$ gpg --s2k-cipher-algo cast5 --edit-key 0x5D144299
gpg (GnuPG) 1.4.6; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Secret key is available.

pub   512R/5D144299  created: 1999-04-12  expires: never   usage: SCEA
 trust: unknown   validity: unknown
[ unknown] (1). hun.admin.news

Command> passwd
Key is protected.
gpg: protection algorithm 1 (IDEA) is not supported
gpg: the IDEA cipher plugin is not present
gpg: please see http://www.gnupg.org/faq/why-not-idea.html for more information
Can't edit this key: unknown cipher algorithm

Command> 


What should I do?

Gabor

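The "protection algorithm 1 (IDEA)" error in this thread reflects the protection octet stored in the secret-key packet itself, and the 512-bit concern reflects the modulus stored just before it. The Python below is an added example, not code from the thread or from GnuPG: it reads both fields from an old-format secret-key packet (layout per RFC 4880) so a key can be assessed before import; `inspect_secret_key`, `sample_packet` and all sample bytes are constructed for illustration.

```python
import struct

# Cipher IDs from RFC 4880 section 9.2 (subset); 0 means the key is unprotected.
CIPHERS = {0: "none", 1: "IDEA", 2: "3DES", 3: "CAST5", 7: "AES128", 9: "AES256"}

def read_mpi(buf, pos):
    """Return (bit_count, offset_after) for the MPI that starts at pos."""
    (bits,) = struct.unpack_from(">H", buf, pos)
    end = pos + 2 + (bits + 7) // 8
    if end > len(buf):
        raise ValueError("truncated MPI")
    return bits, end

def inspect_secret_key(packet):
    """Report version, RSA size and protection cipher of a secret-key packet."""
    ctb = packet[0]
    # Old-format header: 10TTTTLL, tag 5 = secret key, LL selects the length size.
    if ctb & 0xC0 != 0x80 or (ctb >> 2) & 0x0F != 5 or ctb & 3 == 3:
        raise ValueError("expected an old-format secret-key packet")
    hdr = 1 + (1, 2, 4)[ctb & 3]
    body = packet[hdr:hdr + int.from_bytes(packet[1:hdr], "big")]
    version = body[0]
    if version not in (2, 3, 4) or body[7 if version < 4 else 5] not in (1, 2, 3):
        raise ValueError("example handles RSA keys in v2/v3/v4 packets only")
    # v2/v3 carry a 2-byte validity period after the 4-byte creation time.
    pos = 8 if version < 4 else 6
    n_bits, pos = read_mpi(body, pos)   # modulus n
    _, pos = read_mpi(body, pos)        # public exponent e
    usage = body[pos]
    # 254/255: cipher ID and S2K specifier follow; otherwise the octet is the cipher ID.
    cipher = body[pos + 1] if usage in (254, 255) else usage
    return {
        "version": version,
        "rsa_bits": n_bits,
        "protection": CIPHERS.get(cipher, f"cipher {cipher}"),
        "needs_idea": cipher == 1,
        "below_2048": n_bits < 2048,
    }

def sample_packet(usage=b"\x01" + bytes(8)):
    """Constructed PGP 2.x style packet: v3, 512-bit RSA, filler key material."""
    n = b"\xc1" + b"\x5a" * 63                      # 512-bit filler modulus
    body = (b"\x03" + struct.pack(">IH", 923875200, 0) + b"\x01"
            + struct.pack(">H", 512) + n + struct.pack(">H", 5) + b"\x11"
            + usage + bytes(16))                    # IV/S2K, then filler ciphertext
    return bytes([0x94, len(body)]) + body

if __name__ == "__main__":
    print(inspect_secret_key(sample_packet()))
```

A result with `needs_idea` set corresponds to the situation in the thread: the key must be re-protected (or have its passphrase removed in pgp) before a gpg build without IDEA can edit it.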