[Owasp-leaders] Is it ok to share the PGP Keys and keep the PassPhrase private?

James McGovern JMcGovern at virtusa.com
Fri Oct 15 10:02:45 EDT 2010


On the chance that the passphrase is compromised, what would revocation
feel like in your mind?


James McGovern
Insurance SBU 

Virtusa Corporation

100 Northfield Drive, Suite 305 | Windsor, CT | 06095

Phone:  860 688 9900 Ext:  1037 | Facsimile:  860 688 2890  

  <http://www.virtusa.com/>    <http://www.virtusa.com/blog/>   
<https://twitter.com/VirtusaCorp>   
<http://www.linkedin.com/companies/virtusa>   
<http://www.facebook.com/VirtusaCorp> 


From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of dinis cruz
Sent: Friday, October 15, 2010 4:34 AM
To: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] Is it ok to share the PGP Keys and keep the
PassPhrase private?


Jeremy, I think your comment really captures my original thinking,
especially your last paragraph:

"my initial thought was "no way", but then I had to think hard as to why
it's not acceptable to share the password-encrypted private key with a
justification beyond "it's a bad idea"."

Since those were my exact thoughts! :)

I started by feeling like it should NOT be done, but when I tried to
find rational and pragmatic reasons for NOT doing it, I couldn't come
up with any major items apart from "Make sure the PassPhrase is big
enough and protect the PassPhrase".

Like Jeremy mentions in his email (below), there are a number of factors
that could affect the overall security model of such a solution, so from a
usability point of view, I'm trying to see if I can reduce it to a simple
password/passphrase management problem.

I actually think that one of the harder crypto problems we have today is
crypto usability (not to say that there are no technical challenges, but
at least there is plenty of understanding, effort and energy on how to
deal with them).

Basically we have to make crypto invisible to users so that they do the
right thing by default and effortlessly.

Dinis Cruz

Blog: http://diniscruz.blogspot.com
Twitter: http://twitter.com/DinisCruz
Web: http://www.owasp.org/index.php/O2



On 14 October 2010 15:22, Jeremy Epstein <jeremy.j.epstein at gmail.com>
wrote:

This is a fascinating discussion, and I think there are a few key
points which have been made, but not always clearly.

(1) If the private key is protected by a password (as is common), then
the protection is a combination of at least four factors: (a) the
strength of the password, (b) how effectively the password is used to
protect the bits (i.e., if it's just XORed, it's not that good!) (*),
(c) how resilient the computer holding the private key is against
software attacks, and (d) how resilient the computer holding the
private key is against theft or other hardware attacks.  The reason
it's not OK to share the private key encrypted by the password is a
combination of ALL of these - and once you give away the
key-protected-by-password to someone else, you are relying on how
*they* implement (c) and (d).

(*) There are standard ways to do this, so it's probably not a major
factor - but we've all seen cases where the password protecting the
private key is used in a foolish way that provides minimal protection.
In that case, all that protects the key is the resiliency of the
computer - i.e., items (c) and (d).  So giving the password-encrypted
key away is a losing proposition.

(2) The strength of a system isn't always where it appears to be - if
the entire protection of the key is based on the strength of the
password (and not the other measures mentioned above), then it doesn't
matter if it's a 512 or 4096 bit RSA key (as an example).  It's no
longer a public key system.

[There was a system I analyzed years ago that had a sophisticated
password strength system - but it made no difference because the
password was hashed in the client and sent to the server, which
compared the hashed password to a stored value.  So what the person
*thought* was the password was just an input to a poorly-designed hash
function, and what really mattered to the security of the system was
the distribution of outputs of the hash function!]

Thank you for the thought-provoking discussion - my initial thought
was "no way", but then I had to think hard as to why it's not
acceptable to share the password-encrypted private key with a
justification beyond "it's a bad idea".

Regards,
--Jeremy

_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders
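A worked illustration of Jeremy's points (1)(b) and (2), added here as an editorial example; it is not code from anyone in the thread and not OpenPGP's own S2K/CFB construction. It puts the "just XOR with the passphrase" scheme beside the standard shape (fresh salt, iterated key derivation, encrypt, authenticate), checks the properties a reviewer would want before a wrapped key leaves the machine, and computes the effective strength of the exported blob once only the passphrase stands between it and an offline guesser. The key blobs, passphrase, and the HMAC-counter stream cipher are constructed stand-ins so the block runs with the standard library alone:

```python
"""Passphrase-protecting a private-key blob: a weak scheme beside a sound one.

Constructed illustration for the mailing-list thread. The symmetric layer is a
stand-in built from PBKDF2 and HMAC so it runs with the standard library only;
it is not OpenPGP's S2K/CFB machinery and not anyone's production code.
"""
import hashlib
import hmac
import math
import os
import struct

# Constructed stand-ins for exported private keys. Both start with the same
# DER-style header bytes, as real key files do; predictable leading bytes are
# part of why a naive wrapping scheme leaks.
FAKE_KEY_A = b"\x30\x82" + bytes(range(62))
FAKE_KEY_B = b"\x30\x82" + bytes(range(61, -1, -1))

KDF_ITERATIONS = 100_000  # work an attacker must repeat for every passphrase guess
SALT_LEN = 16
TAG_LEN = 32


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def xor_wrap(key_blob: bytes, passphrase: str) -> bytes:
    """The 'foolish' scheme from point (1)(b): repeat the passphrase and XOR.
    No salt, no stretching, no integrity; the passphrase bytes are the keystream."""
    pw = passphrase.encode()
    return bytes(b ^ pw[i % len(pw)] for i, b in enumerate(key_blob))


def _derive(passphrase: str, salt: bytes) -> tuple:
    """Salted, iterated derivation: one guess costs KDF_ITERATIONS hash calls."""
    master = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, KDF_ITERATIONS, dklen=64)
    return master[:32], master[32:]


def _keystream(enc_key: bytes, salt: bytes, n: int) -> bytes:
    """HMAC in counter mode as a stand-in stream cipher (illustration only)."""
    out = b""
    for counter in range((n + 31) // 32):
        out += hmac.new(enc_key, salt + struct.pack(">Q", counter), hashlib.sha256).digest()
    return out[:n]


def kdf_wrap(key_blob: bytes, passphrase: str) -> bytes:
    """Standard shape: fresh salt, stretched key, encrypt, then authenticate."""
    salt = os.urandom(SALT_LEN)
    enc_key, mac_key = _derive(passphrase, salt)
    ct = _xor(key_blob, _keystream(enc_key, salt, len(key_blob)))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return salt + ct + tag


def kdf_unwrap(blob: bytes, passphrase: str) -> bytes:
    """Check the tag before decrypting; a wrong passphrase and tampering look the same."""
    salt, ct, tag = blob[:SALT_LEN], blob[SALT_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = _derive(passphrase, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or tampered blob")
    return _xor(ct, _keystream(enc_key, salt, len(ct)))


# --- Properties to check before a wrapped key is handed to someone else ---

def xor_scheme_leaks_key_relation(k1: bytes, k2: bytes, passphrase: str) -> bool:
    """Two blobs wrapped under one passphrase XOR to the XOR of the plaintexts:
    whoever holds both learns how the keys differ without any passphrase."""
    return _xor(xor_wrap(k1, passphrase), xor_wrap(k2, passphrase)) == _xor(k1, k2)


def kdf_scheme_is_randomized(k: bytes, passphrase: str) -> bool:
    """Fresh salt: the same key and passphrase never give the same blob twice."""
    return kdf_wrap(k, passphrase) != kdf_wrap(k, passphrase)


def kdf_scheme_detects_tampering(k: bytes, passphrase: str) -> bool:
    """One flipped ciphertext bit must be rejected, not decrypted to garbage."""
    blob = bytearray(kdf_wrap(k, passphrase))
    blob[SALT_LEN + 3] ^= 0x01
    try:
        kdf_unwrap(bytes(blob), passphrase)
        return False
    except ValueError:
        return True


# --- Point (2): the exported blob is only as strong as its weakest protection ---

# NIST SP 800-57 security-strength equivalents for RSA modulus sizes, in bits.
RSA_STRENGTH_BITS = {2048: 112, 3072: 128, 7680: 192, 15360: 256}


def random_lowercase_bits(length: int) -> float:
    """Entropy of `length` uniformly random lowercase letters."""
    return length * math.log2(26)


def effective_bits(passphrase_bits: float, kdf_iterations: int, rsa_modulus_bits: int) -> float:
    """Offline, only the work factor protects the blob: the smaller of
    (passphrase entropy + log2 of KDF work) and the RSA key's own strength."""
    return min(passphrase_bits + math.log2(kdf_iterations), RSA_STRENGTH_BITS[rsa_modulus_bits])


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed example passphrase
    assert kdf_unwrap(kdf_wrap(FAKE_KEY_A, pw), pw) == FAKE_KEY_A
    print("xor scheme leaks key relation:", xor_scheme_leaks_key_relation(FAKE_KEY_A, FAKE_KEY_B, pw))
    print("kdf scheme randomized:", kdf_scheme_is_randomized(FAKE_KEY_A, pw))
    print("kdf scheme detects tampering:", kdf_scheme_detects_tampering(FAKE_KEY_A, pw))
    # 8 random lowercase letters behind 65536 iterations, wrapping an RSA-3072 key
    print("effective bits: %.1f" % effective_bits(random_lowercase_bits(8), 65536, 3072))
```

The last line is the point of Jeremy's item (2) in numbers: eight random lowercase letters contribute about 37.6 bits, 65536 iterations add 16 more, and the RSA-3072 key's 128 bits never come into play, so the wrapped key is a roughly 54-bit secret no matter how large the modulus. Raising the iteration count buys bits only logarithmically; the passphrase length and the machine holding the blob do the real work.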




