Re: [TCLUG:11721] Email Security (was Re: [TCLUG:11699] Mess ...)

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:11721] Email Security (was Re: [TCLUG:11699] Mess ...)
From: "Eric M. Hopper" <hopper@omnifarious.mn.org>
Date: Thu, 30 Dec 1999 12:50:16 -0600
In-Reply-To: <Pine.GSO.4.10.9912301232160.6002-100000@isis.visi.com>
References: <19991230122215.E32702@omnifarious.mn.org> <Pine.GSO.4.10.9912301232160.6002-100000@isis.visi.com>

On Thu, Dec 30, 1999 at 12:37:09PM -0600, Thomas Veldhouse wrote:
> There are plenty of crack programs that will do this - in a
> reasonable amount of time too (most within a day).  Most programs
> that I have seen usually try common words first and work their way
> to the more abstract.  In a case where you manually type such a
> difficult password each time you send an email, it might have a more
> difficult time cracking it.  Although I see the sum total of the
> effort to secure it (typing such a password repeatedly) an enormous
> obstacle to practicle security (my opinion of course).

	I've thought of writing a daemon that would sit around and sign
things.

	It would keep your unecrypted private key in secure memory, and
wipe it under certain conditions, like you not having entered your
password in set amount of time.  And it would probably also wipe it
after a certain number of signatures had been made, limiting damage.

	It would use file-descriptor passing to verify that any program
requesting a signature was really run by you.

	It would be a little less secure.

	Some person could wait around as root, waiting for you to run
the program, then su to you and use it to forge signatures.  This would
run the risk of popping up a dialog box on your screen, requesting a
pass-phrase when you hadn't asked for anything to be signed.

	Of course, right now I'm typing my passphrase into an X window,
which is passing it to a program that sends it to a pseudo terminal
where it is again passed through a file descriptor to the program that
does the actual signing.  Lots of points of interception there if the
person has root on your box.

	Ideally, I'd have some Palm Pilot like device that could sign
things after getting some verification from me that I am who I am.  That
would both be more convenient, AND more secure.  If I lost it, I could
quickly post my key revokation signature to the net, and it's likely the
attacker wouldn't have cracked it by then.

Have fun (if at all possible),
-- 
Its name is Public Opinion.  It is held in reverence. It settles everything.
Some think it is the voice of God.  Loyalty to petrified opinion never yet
broke a chain or freed a human soul.     ---Mark Twain
-- Eric Hopper (hopper@omnifarious.mn.org  http://omnifarious.mn.org/~hopper) --

PGP signature

Follow-Ups:
- Re: [TCLUG:11721] Email Security (was Re: [TCLUG:11699] Mess ...)
  - From: Thomas Veldhouse <veldy@visi.com>

References:
- Re: [TCLUG:11721] Email Security (was Re: [TCLUG:11699] Mess ...)
  - From: "Eric M. Hopper" <hopper@omnifarious.mn.org>

Prev by Date: Re: [TCLUG:11736] Can't print to NT printer
Next by Date: mirror @ cs.umn.edu
Prev by thread: Re: [TCLUG:11721] Email Security (was Re: [TCLUG:11699] Mess ...)
Next by thread: Re: [TCLUG:11721] Email Security (was Re: [TCLUG:11699] Mess ...)
Index(es):
- Date
- Thread