Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Introducing TGP...
From: "Thor (Hammer of God)" <Thor () hammerofgod com>
Date: Mon, 14 Jun 2010 21:40:30 +0000

Hey Nid - 

-----Original Message-----
From: Nid [mailto:nidfulldisc () googlemail com]
Sent: Monday, June 14, 2010 11:18 AM
To: Thor (Hammer of God)
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Introducing TGP...

Hi Timothy

TGP - "Thor's Godly Privacy"

06/13/10 v1.1.06

First of all you should keep in mind, that base64 raises the size of your data
by 33%.

Yep.  I'm fine with that.  One can always zip the data. 

posting big files especially on mailing lists might offend the other users of the
list. specially if you see the headline of lsi's answer.
there your message is marked as spam. Also assuming to have a lot of people
behaving like this would result in moderated lists.
BTW why not storing your data on rented space?

Of course - all that goes without saying (well, I guess not ;)  - I was just using that as an example.  Mailing list, 
facebook, blog, whatever.  Of course there will be some places where that won't be appropriate, but that much should be 
obvious.  We could use Google cache for that matter...  The point was the portability options one has in a public 
environment; let's not get bogged down into things like "spam" - that takes the focus off the real point.

The next issue is that you can not trust private keys which are published on
the internet with respect to signatures. These keys could have been cracked.
Using such a key only for yourself to have data on the internet seems also
not to make sense. It could be better placed on a private machine where you
have controled access to for example with VPN or ssh.

Well, that's the whole point.  In TGP, I use AES256 bit encryption based on what should be a strong passphrase in 
combination with a salt to protect the private key.  To crack that private key, you would have to brute force the 
entire keyspace, which is currently not technically feasible, or have a custom-made rainbow table with also is not 
technically feasible for my 20 character passphrase and salt.   If you are going to "trust" encryption, then the key's 
integrity should be acceptable.  But, if you don't want to publish it, then don't.  Problem solved.  Please don't 
misunderstand my statements - I'm not saying one has to do that.  I'm saying that one *could* do that if you wanted to. 
 I could post 20 different private keys around the world in different places if I wanted to, but only use the one *I* 
know is used.  There are a million ways of doing it.  However, I think you are missing the logic that if your private 
key could really be cracked, and thus I could get the key 
 required to asymmetrically decrypt the key used to symmetrically decrypt the CryptoBlob, then I would not bother with 
the key at all and just crack the crypto blob.   Further, if one could just "crack" the key, then one would just 
"crack" the VPN encryption or SSL encryption and get your private key that you had controlled access to.  If I have to 
pick a locked cased to get to a key that opens another case, I'd just pick the lock on the other case.  Why looking at 
encrypted data as something that has to be further protected -- just make sure the encryption is sound in the first 

The next point is if you would like to use the key in an internet cafe at a
restaurant, you will not be able to trust the machine. most likely there is a
trojan on it or a key grabber.

I wouldn't say "most likely" but that's a great point.  However, it doesn't matter if the machine is owned - I'm just 
copying the data off of it. Hell, I could print out my key if I wanted to and type it back into my own system.  Even 
better, if I'm using other people's public keys to encrypt data, it won't matter if the machine has a key logger.  I 
don't type passwords for people's public keys.   But like I already said - if you don't want to post it, don't.   Easy. 
 I actually speak to that in the part of my post direct below that you quoted... 

Normally, you want to keep your private keys as safe as possible. This
is still the case with TGP. However, it is trivial to build as many
private keys as you wish to use for anything you want to use them for.
TGP Private Key files are password protected and individually salted,
so with a strong passphrase you have very reasonable assurance that no
one is going to get to your key any time soon. So, you can create a
private key with a strong password, post that, and then, say, encrypt
a scan of your passport and post that. Then if you are ever in a pinch
while travelling or something like that, you can simply use Google or
Bing to access your data wherever you are.

Thanks for the comments! 


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]