Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Introducing TGP...
From: rembrandt <rembrandt () jpberlin de>
Date: Tue, 15 Jun 2010 01:30:38 +0200

On Mon, 14 Jun 2010 21:40:30 +0000
"Thor (Hammer of God)" <Thor () hammerofgod com> wrote:

Hey Nid - 

-----Original Message-----
From: Nid [mailto:nidfulldisc () googlemail com]
Sent: Monday, June 14, 2010 11:18 AM
To: Thor (Hammer of God)
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Introducing TGP...

Hi Timothy

TGP - "Thor's Godly Privacy"

06/13/10 v1.1.06

First of all you should keep in mind, that base64 raises the size of your data
by 33%.

Yep.  I'm fine with that.  One can always zip the data. 

posting big files especially on mailing lists might offend the other users of the
list. specially if you see the headline of lsi's answer.
there your message is marked as spam. Also assuming to have a lot of people
behaving like this would result in moderated lists.
BTW why not storing your data on rented space?

Of course - all that goes without saying (well, I guess not ;)  - I was just using that as an example.  Mailing list, 
facebook, blog, whatever.  Of course there will be some places where that won't be appropriate, but that much should 
be obvious.  We could use Google cache for that matter...  The point was the portability options one has in a public 
environment; let's not get bogged down into things like "spam" - that takes the focus off the real point.

The next issue is that you can not trust private keys which are published on
the internet with respect to signatures. These keys could have been cracked.
Using such a key only for yourself to have data on the internet seems also
not to make sense. It could be better placed on a private machine where you
have controled access to for example with VPN or ssh.

Well, that's the whole point.  In TGP, I use AES256 bit encryption based on what should be a strong passphrase in 
combination with a salt to protect the private key.  To crack that private key, you would have to brute force the 
entire keyspace, which is currently not technically feasible, or have a custom-made rainbow table with also is not 
technically feasible for my 20 character passphrase and salt.   If you are going to "trust" encryption, then the 
key's integrity should be acceptable.  But, if you don't want to publish it, then don't.  Problem solved.  Please 
don't misunderstand my statements - I'm not saying one has to do that.  I'm saying that one *could* do that if you 
wanted to.  I could post 20 different private keys around the world in different places if I wanted to, but only use 
the one *I* know is used.  There are a million ways of doing it.  However, I think you are missing the logic that if 
your private key could really be cracked, and thus I could get the ke
 required to asymmetrically decrypt the key used to symmetrically decrypt the CryptoBlob, then I would not bother 
with the key at all and just crack the crypto blob.   Further, if one could just "crack" the key, then one would just 
"crack" the VPN encryption or SSL encryption and get your private key that you had controlled access to.  If I have 
to pick a locked cased to get to a key that opens another case, I'd just pick the lock on the other case.  Why 
looking at encrypted data as something that has to be further protected -- just make sure the encryption is sound in 
the first place.

The next point is if you would like to use the key in an internet cafe at a
restaurant, you will not be able to trust the machine. most likely there is a
trojan on it or a key grabber.

I wouldn't say "most likely" but that's a great point.  However, it doesn't matter if the machine is owned - I'm just 
copying the data off of it. Hell, I could print out my key if I wanted to and type it back into my own system.  Even 
better, if I'm using other people's public keys to encrypt data, it won't matter if the machine has a key logger.  I 
don't type passwords for people's public keys.   But like I already said - if you don't want to post it, don't.   
Easy.  I actually speak to that in the part of my post direct below that you quoted... 

Normally, you want to keep your private keys as safe as possible. This
is still the case with TGP. However, it is trivial to build as many
private keys as you wish to use for anything you want to use them for.
TGP Private Key files are password protected and individually salted,
so with a strong passphrase you have very reasonable assurance that no
one is going to get to your key any time soon. So, you can create a
private key with a strong password, post that, and then, say, encrypt
a scan of your passport and post that. Then if you are ever in a pinch
while travelling or something like that, you can simply use Google or
Bing to access your data wherever you are.

Thanks for the comments! 


IT'S LIKE a record from talks of FX or so.. just useless shit....

And you should know when to STFU... seriously....
I wonder how FX can read this list foir years...

rembrandt <rembrandt () jpberlin de>

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]