Re: New smart card / token alternative

2017-11-09 Thread Peter Lebbing
On 09/11/17 00:39, listo factor via Gnupg-users wrote:
> Real-life threat-models are much more varied than what Alice, Bob
> and Eve would have us believe.

Hey, note that I'm not advocating against this proposed new alternative;
it sounds like you think I do. I explicitly said I'm not commenting on
it. I currently don't have the time to invest.

(I didn't understand the relevance of the part of your reply I snipped
at all, though. I must be overlooking a bit of context. But let's just
end that line of discussion, I merely wanted to quickly point out what I
said about unique identifiers and don't have the time to look at it more.)

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: New smart card / token alternative

2017-11-08 Thread listo factor via Gnupg-users

On 11/08/2017 03:45 PM, Peter Lebbing wrote:
> On 08/11/17 16:27, ved...@nym.hush.com wrote:
>> or, more practically, just post anonymously to a blog or website,
>> using --throw-keyid, with a pre-arranged understanding that the
>> sender and receiver post to and check certain websites
>
> I did not phrase it properly, leading to a misunderstanding.
>
> We are talking about using a smartcard on a compromised computer. I
> reasoned from the OpenPGP Card specification[1]. You can simply ask the
> smartcard for the public key; the actual cryptographic public key.
>
> So as an attacker with control over the computer, you see that someone
> successfully decrypts a document using his OpenPGP card. You ask the
> smartcard for the public key that was used to encrypt the document, and
> you have a fully unique identifier for the key that was used.


There are many real-world use cases where the recipient does not mind
that an adversary knows he is receiving encrypted communication, as
long as the content is secure, but where the sender can be exposed
to various levels of unpleasantness if the adversary can find out
he is communicating with a specific recipient, using encryption.

The ownership of a device such as one discussed in this thread is
trivial to conceal, especially when compared to a computer equipped
to participate in encrypted communications.

Real-life threat-models are much more varied than what Alice, Bob
and Eve would have us believe.




Re: New smart card / token alternative

2017-11-08 Thread Peter Lebbing
On 08/11/17 16:27, ved...@nym.hush.com wrote:
> or, more practically, just post anonymously to a blog or website,
> using --throw-keyid, with a pre-arranged understanding that the
> sender and receiver post to and check certain websites

I did not phrase it properly, leading to a misunderstanding.

We are talking about using a smartcard on a compromised computer. I
reasoned from the OpenPGP Card specification[1]. You can simply ask the
smartcard for the public key; the actual cryptographic public key.

So as an attacker with control over the computer, you see that someone
successfully decrypts a document using his OpenPGP card. You ask the
smartcard for the public key that was used to encrypt the document, and
you have a fully unique identifier for the key that was used.

HTH,

Peter.

[1] It isn't clear to me whether this project is actually adhering to
the OpenPGP card specification, though, I didn't check. I realised this
only later.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Re: New smart card / token alternative

2017-11-08 Thread vedaal
On 11/7/2017 at 12:10 PM, "Peter Lebbing"  wrote:

>How exactly can the identity ever be unknown when we're talking 
>about stuff encrypted to an OpenPGP public key or signed by one? That's a
>completely unique identifier!

=

Well, if someone were really *crazy enough* he could send the PGP encrypted
message using --throw-keyid to all email sites listed on PGP keyservers ...
(I hope no one is *that* crazy ... ;-) )

or, more practically, just post anonymously to a blog or website, using
--throw-keyid, with a pre-arranged understanding that the sender and receiver
post to and check certain websites

This could be facilitated by Tails/Tor, although there are still some 
vulnerabilities:
https://tails.boum.org/doc/about/warning/index.en.html#index2h1

vedaal
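
Added example, not part of any message in this thread: the recipient's key ID travels in the clear in each public-key encrypted session key packet of an OpenPGP message, and `--throw-keyid` replaces it with eight zero octets. The sketch below reads that field from two constructed messages; the key ID `0123456789ABCDEF`, the toy session-key bytes and all function names are made up for illustration.

```python
# Added illustration; all sample bytes are constructed, not real ciphertext.
PKESK_TAG = 1  # Public-Key Encrypted Session Key packet (RFC 4880, sect. 5.1)

def read_header(buf, pos):
    """Return (tag, body_start, body_len) for the packet header at pos."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if first & 0x40:                      # new-format header
        tag, o1 = first & 0x3F, buf[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + buf[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        raise ValueError("partial body lengths are not handled here")
    tag, ltype = (first >> 2) & 0x0F, first & 0x03   # old-format header
    if ltype == 3:
        raise ValueError("indeterminate lengths are not handled here")
    size = 1 << ltype                     # 1, 2 or 4 length octets
    return tag, pos + 1 + size, int.from_bytes(buf[pos + 1:pos + 1 + size], "big")

def recipient_key_ids(message):
    """Key ID field of every version-3 PKESK packet, as upper-case hex."""
    ids, pos = [], 0
    while pos < len(message):
        tag, start, length = read_header(message, pos)
        body = message[start:start + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        if tag == PKESK_TAG and length >= 10 and body[0] == 3:
            ids.append(body[1:9].hex().upper())   # octets 1..8 hold the key ID
        pos = start + length
    return ids

def sample_message(key_id, new_format):
    """Constructed message: one PKESK packet plus a dummy encrypted-data packet."""
    body = bytes([3]) + key_id + bytes([1]) + b"\x00\x08\xaa"  # v3, key ID, RSA, toy MPI
    header = bytes([0xC1 if new_format else 0x84, len(body)])  # both header forms
    return header + body + b"\xd2\x03\x01\xbb\xcc"             # tag 18, 3-octet body

NORMAL = sample_message(bytes.fromhex("0123456789ABCDEF"), new_format=False)
THROWN = sample_message(bytes(8), new_format=True)  # zeroed key ID, as with --throw-keyid

if __name__ == "__main__":
    print("default:      ", recipient_key_ids(NORMAL))
    print("--throw-keyid:", recipient_key_ids(THROWN))
```

On a real file, `gpg --list-packets` prints the same field as `keyid` on each `:pubkey enc packet:` line.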




Re: New smart card / token alternative

2017-11-07 Thread timothy.steiner--- via Gnupg-users
If you are using something like Tails you would probably just install the GPG 
agent. Tails allows installing additional software - 
https://tails.boum.org/doc/advanced_topics/additional_software/index.en.html. 
U2F is available in the new version of Firefox being released later this year 
so if that is included in a future Tails release then there would be in-browser 
support in Tails.
The risk mentioned with a key-logger/screen capture is the same for all smart 
cards/tokens, and really all methods of composing a message on a computer. The 
risk would even apply to Tails if say the user installed malicious software or 
browsed to a site that exploited a browser vulnerability. 

On Monday, November 6, 2017, 5:26:51 PM EST,  wrote:  
 
 

On 11/6/2017 at 4:55 PM, "Tim Steiner"  wrote:

We have been working on a project to build a direct interface for PGP/GPG 
usage using U2F for web apps and browser extensions. This is similar to 
existing smart cards and tokens but no software install is required.

We set out to solve this problem -"Man, I really wish I could read this PGP 
message, or send this message, or open this file, or sign this file, but I 
don't have my laptop with me"

With this solution you can keep the key offline, carry it with you and it works 
even on a computer where you can't install software - 
https://www.kickstarter.com/projects/1048259057/onlykey-quantum-future-ready-encryption-for-everyo

We are interested to hear feedback on this approach from the community.

=

Using this on anything except your own computer, or laptop, is problematic, 
as the 'host' computer can have a key-logger or screen capturer, and copy the 
decrypted plaintext, or the plaintext to be encrypted.

Can it be made to work with Tails/Tor which uses GnuPG ?

(The 'insecure' browser on Tails not involving Tor, is a Firefox variant.
If it can work on that, then booting from the Tails USB avoids a 
screencapturer, and using an on-screen keyboard avoids a hardware keyboard 
logger.)

But even so, there are problems with using it on an 'unknown' computer :

https://tails.boum.org/doc/about/warning/index.en.html#index2h1


vedaal



Re: New smart card / token alternative

2017-11-07 Thread listo factor via Gnupg-users

On 11/06/2017 10:26 PM, ved...@nym.hush.com wrote:
> On 11/6/2017 at 4:55 PM, "Tim Steiner"  wrote:
>
>> With this solution you can keep the key offline, carry it with you and it
>> works even on a computer where you can't install software...
>>
>> We are interested to hear feedback on this approach from the community.
>
> =
>
> Using this on anything except your own computer, or laptop, is problematic...

=

This is a mantra from another, more gentle time.

Today, there is a whole class of real-world use cases where the
protection of the user demands that it not be known to the adversary
he or she is communicating with someone, as much - or even more -
than it is required that the content of the communication is kept
confidential. If the connection between the user and the computer
is transient, there may well be many instances where the adversary
will not be able to identify the user, even if he manages to learn
the content, and where the content, without the identity of the
communicator, is of very limited value to the adversary.

It therefore appears to me this is a worthwhile project, provided,
like always, *and for any crypto*, the user understands his or her
threat model.





Re: New smart card / token alternative

2017-11-07 Thread Philipp Klaus Krause
On 06.11.2017 at 23:26, ved...@nym.hush.com wrote:
> 
> 
> On 11/6/2017 at 4:55 PM, "Tim Steiner"  wrote:
> 
> We have been working on a project to build a direct interface for
> PGP/GPG usage using U2F for web apps and browser extensions. This is
> similar to existing smart cards and tokens but no software install is
> required.
> 
> We set out to solve this problem -"Man, I really wish I could read
> this PGP message, or send this message, or open this file, or sign
> this file, but I don't have my laptop with me"
> 
> With this solution you can keep the key offline, carry it with you
> and it works even on a computer where you can't install software -
> https://www.kickstarter.com/projects/1048259057/onlykey-quantum-future-ready-encryption-for-everyo
>
>  We are interested to hear feedback on this approach from the
> community.
> 
> =
> 
> Using this on anything except your own computer, or laptop, is
> problematic, as the 'host' computer can have a key-logger or screen
> capturer, and copy the decrypted plaintext, or the plaintext to be
> encrypted.

I have often been in situations where I had access to a friend's
computer, and you trust the friend and their computer skills enough to
handle a message on their computer.

A typical scenario might even be sending a signed message where the
contents are intentionally known to that friend.

While I tend to carry my laptop with me often, not everyone does.

Philipp



Re: New smart card / token alternative

2017-11-06 Thread Seby
Hello,


"Tim Steiner"  wrote:

> We have been working on a project to build a direct interface for PGP/GPG
> usage using U2F for web apps and browser extensions. This is similar to
> existing smart cards and tokens but no software install is required.
>
> We set out to solve this problem -"Man, I really wish I could read this PGP
> message, or send this message, or open this file, or sign this file, but I
> don't have my laptop with me"
>
> With this solution you can keep the key offline, carry it with you and it
> works even on a computer where you can't install software -
> https://www.kickstarter.com/projects/1048259057/onlykey-quantum-future-ready-encryption-for-everyo
>
> We are interested to hear feedback on this approach from the community.
>
> Tim Steiner
> CISSP-ISSAP, C|EH, OSCP, PMP
> Email: t...@crp.to
> CryptoTrust | crp.to


Your product provides a false sense of security. Educating users that it is
somehow safe is a terrible mistake. Telling users it is safe to plug in any
computer and encrypt/decrypt stuff is a terrible idea.

How was your budget distributed? What hardware and firmware do you use? What
security audit have you done?

Even if the things in the second paragraph are fixed, the first paragraph
still stands.


Re: New smart card / token alternative

2017-11-06 Thread vedaal


On 11/6/2017 at 4:55 PM, "Tim Steiner"  wrote:

We have been working on a project to build a direct interface for PGP/GPG 
usage using U2F for web apps and browser extensions. This is similar to 
existing smart cards and tokens but no software install is required.

We set out to solve this problem -"Man, I really wish I could read this PGP 
message, or send this message, or open this file, or sign this file, but I 
don't have my laptop with me"

With this solution you can keep the key offline, carry it with you and it works 
even on a computer where you can't install software - 
https://www.kickstarter.com/projects/1048259057/onlykey-quantum-future-ready-encryption-for-everyo

We are interested to hear feedback on this approach from the community.

=

Using this on anything except your own computer, or laptop, is problematic, 
as the 'host' computer can have a key-logger or screen capturer, and copy the 
decrypted plaintext, or the plaintext to be encrypted.

Can it be made to work with Tails/Tor which uses GnuPG ?

(The 'insecure' browser on Tails not involving Tor, is a Firefox variant.
If it can work on that, then booting from the Tails USB avoids a 
screencapturer, and using an on-screen keyboard avoids a hardware keyboard 
logger.)

But even so, there are problems with using it on an 'unknown' computer :

https://tails.boum.org/doc/about/warning/index.en.html#index2h1


vedaal

