Re: Side-channel attacks

2022-01-18 Thread Стефан Васильев via Gnupg-users

Johan Wevers wrote:


On 17-01-2022 0:09, Robert J. Hansen via Gnupg-users wrote:


I was asked for help with something in the 1.2 series (!!).  Without
exception, our first response is usually "for the love of God, upgrade!"


They rarely do.  It's worked fine for them for a decade or more, and
they're not going to change...


Well, a bit more respect for backwards compatibility would help a lot by
that. Now I'm forced to keep an 1.4 and pgp 2.6 version installed just
to be able to read all my old data. Some people just refuse to update to
versions that routinely break backwards compatibility.


I know from people that they use GnuPG 1.4 (Windows) for portability on
a USB stick and therefore it could be run in a native Windows 10 sandbox,
while also running a Tor hidden service in the sandbox, to communicate
encrypted, without relying on third party client/server models via VPS or
major email providers.

Is it possible to do that with the latest gpg4win?

Regards
Stefan

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users

Stuart Longland wrote:


On Fri, 14 Jan 2022 20:50:57 +
Стефан Васильев  wrote:



Would you like to explain a bit such schemes? I am aware, for example,
that GnuPG on a mini offline laptop can beat *all* smartphone crypto
messenger, when it comes to endpoint security, when used with a dumb
phone with a USB port and while sending GnuPG MMS messages. All
users need for that is a software from GitHub, which can convert GnuPG
messages to .png images and back. Simply search there for 'imgify'.


https://github.com/dmshaw/paperkey/ is one such scheme, intended for
making a private key back-up.  It could probably be adapted to store
arbitrary data.

There may be others, I just can't put my finger on them now.


Ah ok, you referred to encoding key material.

I just did a quick look and found this, which I may explore a little.

http://ronja.twibright.com/optar/

Regards
Stefan





Re: GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users

Ángel wrote:


On 2022-01-14 at 16:42 +, Стефан Васильев wrote:

Hi all,

If people have a modern Telefax machine, have you ever
tried out to send a GnuPG signed Fax?

I was thinking about the following:

One prepares his message in the following way:

---begin message---

Message.

--end message---

Then saves the message, detach signs it and converts the
detached signature as QR-code which is put then also on
the Fax document, while the receiver then OCR scans the
document and decodes the QR-code.



What's wrong with simply using a PGP clearsign signature?


I tried in the past to OCR scan armored GnuPG payloads, but
it introduced errors in some characters. And in case this
happens to others, how can users not having the original digital
document correct then errors?

If this works 100 percent reliable for you, you could explain the
required (standard) settings for printed/scanned documents.

Regards
Stefan




Re: GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users

Stuart Longland wrote:


On Fri, 14 Jan 2022 17:54:56 +
Стефан Васильев via Gnupg-users  wrote:


> If QR is an option, why not encode the entire message in QR?

I thought about that too, but in case the document would be several
pages long and would not fit into a QR-code. Ok, one can split the
large document and insert then several QR-codes into one Fax page.


I've experimented with using QR codes with OpenPGP on-and-off… mostly
as a mechanism for sharing the public keys: the idea being that you
could have business cards printed up with the back side containing a QR
code of your public key (not a fingerprint, the actual key).

In my experience, it is very hard to get the big and complex QR codes
to scan reliably.  Some of the QR codes used for COVID-19 contact
tracing and vaccination status _really_ push the limits -- with those
largish codes often failing to scan.

ECC keys could be made small enough to have a snowflake's chance in
hell of working.  4096-bit RSA was a no-go.


Thanks for sharing your experience, much appreciated!


There are schemes for encoding an image for printing onto a piece of
paper and later scanning it back in to recover the original data.  QR
code is obviously a more recent option, but was not the first.  These
may be worth pursuing.


Would you like to explain a bit such schemes? I am aware, for example,
that GnuPG on a mini offline laptop can beat *all* smartphone crypto
messenger, when it comes to endpoint security, when used with a dumb
phone with a USB port and while sending GnuPG MMS messages. All
users need for that is a software from GitHub, which can convert GnuPG
messages to .png images and back. Simply search there for 'imgify'.

Regards
Stefan





Re: GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users

Andrew Gallagher wrote:


On 14/01/2022 18:22, Стефан Васильев wrote:

Good question. My thought was that Telefax is still used, among
lawyers, doctors, business folks etc., and brand-new Fax machines
can be bought on Amazon etc.


+1 for obsolescence! Beware of course that fax machines are VERY noisy,
and analogue lines are increasingly routed over VOIP, so if you're using
this as some kind of off-grid technique you're not going to get very far.


Well, but what I personally like about using a Fax machine is, that you get
a Fax report, can archive the Fax as a paper document, have in the Fax header
your data defined and can use with GnuPG a free-form UID explicitly used
for the Fax telephone number. And it is IMHO more decentralized and personal,
compared to email usage, when signing up for an email service. And you
don't need a MUA :-).


Yes, do you know of any QR-code software (open source) which could
do that task automatically, i.e. split a large (encoded) message into
several  QR-codes and reassemble later?


I don't know about QR codes, but splitting a single file into multiple
parts of a given size and reassembling them again can be done with the
venerable unix utilities `split` and `cat`.


Ok, I have to check this out and as a Windows solution, because it is
the most widely used OS. Maybe an idea for Werner and his commercial
version of GnuPG Desktop.

Regards
Stefan



Re: GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users

Andrew Gallagher wrote:


On 14/01/2022 17:54, Стефан Васильев wrote:


The idea is to use a Telefax machine for endpoint security, with
an offline usage PC, which for example gpg4win is ideal for.


Would it not be simpler to use a modem?


Good question. My thought was that Telefax is still used, among
lawyers, doctors, business folks etc., and brand-new Fax machines
can be bought on Amazon etc.


I thought about that too, but in case the document would be several
pages long and would not fit into a QR-code. Ok, one can split the
large document and insert then several QR-codes into one Fax page.


The largest standard QR code can hold just under 3kB of data in a single
image. If you need more than that you would probably have to split
across multiple sheets no matter what encoding system you choose.


Yes, do you know of any QR-code software (open source) which could
do that task automatically, i.e. split a large (encoded) message into
several  QR-codes and reassemble later?

Regards
Stefan
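
The split-and-reassemble step asked about above, and the `split`/`cat` idea from the earlier reply, as an added example that is not part of the original messages or of any tool named in the thread. The `GQR1` frame layout, the 1200-byte frame size and the sample bytes are assumptions made for this illustration; each frame is uppercase base32 text, which fits the QR alphanumeric character set and avoids mixed-case confusion when read back.

```python
import base64
import hashlib
import zlib

MAGIC = "GQR1"        # hypothetical frame tag, invented for this example
FRAME_PAYLOAD = 1200  # assumed bytes per code; far below the ~3 kB ceiling,
                      # since the thread reports that large codes scan badly


class FrameError(ValueError):
    """A scanned frame is damaged, missing, or belongs to another message."""


def frame_crc(header: str, chunk: bytes) -> str:
    # The CRC covers the header fields too, so a misread index is caught.
    return f"{zlib.crc32(header.encode('ascii') + chunk):08X}"


def split_frames(data: bytes, payload_size: int = FRAME_PAYLOAD) -> list:
    """Cut data into text frames: MAGIC/digest/index/total/crc/base32-body."""
    digest = hashlib.sha256(data).hexdigest()[:16].upper()
    chunks = [data[i:i + payload_size]
              for i in range(0, len(data), payload_size)] or [b""]
    frames = []
    for index, chunk in enumerate(chunks, start=1):
        header = f"{MAGIC}/{digest}/{index}/{len(chunks)}"
        body = base64.b32encode(chunk).decode("ascii").rstrip("=")
        frames.append(f"{header}/{frame_crc(header, chunk)}/{body}")
    return frames


def parse_frame(text: str):
    """Decode one scanned frame and check its CRC."""
    parts = text.strip().split("/")
    if len(parts) != 6 or parts[0] != MAGIC:
        raise FrameError("not a frame of this format")
    _, digest, index, total, crc, body = parts
    try:
        index, total = int(index), int(total)
        # Restore the '=' padding that split_frames() stripped.
        chunk = base64.b32decode(body + "=" * (-len(body) % 8))
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise FrameError(f"unreadable frame: {exc}") from exc
    header = f"{MAGIC}/{digest}/{index}/{total}"
    if not 1 <= index <= total or frame_crc(header, chunk) != crc:
        raise FrameError(f"CRC mismatch in frame {index}: rescan it")
    return digest, index, total, chunk


def reassemble(scanned) -> bytes:
    """Rebuild the data from frames scanned in any order, duplicates allowed."""
    chunks, digest, total = {}, None, None
    for text in scanned:
        d, index, n, chunk = parse_frame(text)
        if digest is None:
            digest, total = d, n
        elif (d, n) != (digest, total):
            raise FrameError("frame belongs to a different message")
        if chunks.setdefault(index, chunk) != chunk:
            raise FrameError(f"conflicting copies of frame {index}")
    if digest is None:
        raise FrameError("no frames scanned")
    missing = [i for i in range(1, total + 1) if i not in chunks]
    if missing:
        raise FrameError(f"missing frames: {missing}")
    data = b"".join(chunks[i] for i in range(1, total + 1))
    if hashlib.sha256(data).hexdigest()[:16].upper() != digest:
        raise FrameError("reassembled data does not match the frame digest")
    # The digest only catches scanning errors. Authenticity still comes from
    # running gpg --verify on the reassembled bytes.
    return data


# Constructed sample: 3072 placeholder bytes standing in for a signed message.
SAMPLE = bytes(range(256)) * 12

if __name__ == "__main__":
    frames = split_frames(SAMPLE)
    print(len(frames), "frames,", max(map(len, frames)), "characters at most")
    print("round trip ok:", reassemble(reversed(frames)) == SAMPLE)
```

Each returned string is what would be handed to a QR encoder, one code per frame.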



Re: GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users

ved...@nym.hush.com wrote:


On 1/14/2022 at 11:46 AM, "Стефан Васильев via
Gnupg-users"  wrote:


Hi all,

If people have a modern Telefax machine, have you ever
tried out to send a GnuPG signed Fax?

=
You can simply armor sign the message.
Don't bother with the 'begin' and 'end' part, it can be added on the
receiving end.
OCR it into telefax and send.
I have never done this, and the few times I have tried similar
things, the OCR always made mistakes.

Anyone used an OCR program that reliably could get a page of gnupg
block ciphertext
Without mistakes


The only reliable OCR software I have found in the past was a Windows PC
software, which gave 100 percent correct results. I used that for a scanned
document, from a printed page. Maybe base32, for example, would be a
good candidate, when used only with uppercase or only lowercase letters.

http://www.boxoft.com/free-ocr/

Regards
Stefan



Re: GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users



Andrew Gallagher wrote:


On Fri, 2022-01-14 at 16:42 +, Стефан Васильев via Gnupg-users
wrote:

The --begin etc. markers should be used to detect where
the OCR scanned document begins and ends to have later
a good signature.


If you are relying on OCR to reconstitute a bitwise-perfect message
(because that's the only way a signature will validate) then you're
asking for trouble, unless you're using a very restricted character set
with at most one whitespace codepoint.


Maybe one could use a character, like a + or * etc., as whitespace.

The idea is to use a Telefax machine for endpoint security, with
an offline usage PC, which for example gpg4win is ideal for.



the receiver then OCR scans the document and decodes the QR-code


If QR is an option, why not encode the entire message in QR?


I thought about that too, but in case the document would be several
pages long and would not fit into a QR-code. Ok, one can split the
large document and insert then several QR-codes into one Fax page.

Regards
Stefan





GnuPG - signed Telefax communication

2022-01-14 Thread Стефан Васильев via Gnupg-users

Hi all,

If people have a modern Telefax machine, have you ever
tried out to send a GnuPG signed Fax?

I was thinking about the following:

One prepares his message in the following way:

---begin message---

Message.

--end message---

Then saves the message, detach signs it and converts the
detached signature as QR-code which is put then also on
the Fax document, while the receiver then OCR scans the
document and decodes the QR-code.

The --begin etc. markers should be used to detect where
the OCR scanned document begins and ends to have later
a good signature.

Well, just a thought.

Regards
Stefan



Key Management - BSI had send private key instead of public key

2021-11-16 Thread Стефан Васильев via Gnupg-users

Hello,

According to an article on the German site golem.de[1]
Germany's BSI[2] had sent its private key instead of
its public key to a user via email, who requested its
public key.

I am only familiar with GnuPG command line usage
and assume that they may use a GUI based program
or add-on for an MUA.

My question is what can cause this, let's say if you
have a busy and stressful day and would accidentally
carry out such operation, as security professional
knowing such a cryptographic tool for a long time,
I assume.

If this can happen to professionals then it would
tell me that there is a design flaw in the software
used.

Because this German article does not go into details, has
someone of you more details on how this happened?

Regards
Stefan

[1] https://www.golem.de/news/verschluesselung-bsi-verschickt-privaten-pgp-schluessel-2111-161073.html

[2] https://www.bsi.bund.de/EN/Home/home_node.html





Re: Off-topic: standards for embedded signing of digital images?

2021-09-11 Thread Стефан Васильев via Gnupg-users

Mark H. Wood wrote:


I didn't know where else to turn, for folks who might be able to point
me at standards for or discussion of embedding crypto signatures in
image formats, to detect tampering with the image.


I do not know any, but like to add my POV. Let's say GnuPG could
digitally sign a .png image, i.e. inserting the signature steganographically
in the image and later a user could verify the steganographically embedded
signature. What happens if Eve uses Photoshop and does a slight image
correction and re-saves the image? It would IMHO give a user then
an invalid signature or none.

Sending images over the Internet, say from an authorized photostudio
(passport photos etc.) can only be safely transmitted (openly) IMHO if
the photostudio would embed the image in an, for example, digitally
signed .pdf, containing an eIDAS[1] signature, guaranteeing globally
that the image in the .pdf was signed by an authorized photostudio and
not manipulated by a middleman, while in transfer.

[1] eIDAS is the Digital Signature Standard in the EU for .pdf documents,
which can be verified with the free Adobe Reader.

Regards
Stefan






Re: [OT] Tutanota security/privacy concerns (was: Re: How would you do that ...)

2021-08-27 Thread Стефан Васильев via Gnupg-users

l0f4r0 wrote:


Hi Stefan, all,

Oops, I think I wanted to react sooner but didn't visibly...

8 mai 2021, 15:12 de stefan.vasi...@posteo.ru:


l0f4r0 wrote:


I don't use ProtonMail so I can't say.

But otherwise you have Tutanota (no phone number required):
https://tutanota.com/blog/posts/anonymous-email/

BTW. Tutanota does (full???) Browser fingerprinting and they were required
to 'upgrade' their email service.


Thanks for the notice.

So are you implying Tutanota does not do browser fingerprinting anymore?

Actually, I cannot find any public source about this. Would you have
some pointers to share please?


Hi,

I have not checked again, but can tell you from the past that they check
what web browser you are using, because when you use an anti-fingerprint
add on for your browser and it generates a User Agent string with an (old)
unsupported browser Tutanota complains and tells you to use the latest
Browser x,y,z. If they do it any longer or if they do full fingerprinting I do
not know.



While we are at it, by any chance, do you/people have (other)
complaints/concerns about Tutanota from a security or privacy points
of view?


I guess Tutanota is a fine service, like many others, but I would like to
see Monero cryptocurrency support, when one likes to sign up via Tor.
(have not checked lately if this is already possible)

Regards
Stefan






Re: Call me crazy, but ...

2021-07-15 Thread Стефан Васильев via Gnupg-users

Brandon Anderson wrote:
On 14 Jul 2021, at 23:52, Стефан Васильев via Gnupg-users wrote:


It would tell me as 3rd party that for WoT purposes, if this is still used,
Alice and her good friend Bob were able to sign their pub keys remotely,
based on a free of charge verification method.


That’s what ordinary third-party sigs do. Adding medical data to a
public key does not add anything to the process.


If it would be only medical data you are correct! But, and here a big but,
this medical data contains the full name and birthday of the certificate
holder *digitally signed* by EU *authorities* in this field while the cert
holder had to show his *valid* ID-card to the issuer.


You should also beware that medical information is treated as
sensitive personal data under GDPR, and this subject to stricter
rules. Keyserver operators already have enough legal issues handling
ordinary personal data (email addresses etc) without adding
vaccination certificates to the dataset.


As I said a duplicate key is not meant for keyserver distribution and
if this should happen by accident, well then it happened. No one can
be sued about this. It is or was only said in some news that one should
not publish such QR-codes on social media.


At its core, the problem here is you still are not proving this
verifiable secret has not been shared with any other party. Are these
being scanned to go to work? Are these being scanned to travel? Are
these being used in other hypothetical key exchanges? I am going to
assume you currently have one of these QR codes. Assuming you want me
to sign your public key, prove to me now that you have never shared or
shown it to anyone ever. If you cannot do this, I cannot be assured
you are the actual party that is sharing it as it could have been an
earlier party you shared it with or someone eavesdropping on the
communication channel you shared it upon.


I or anybody else does not need to do that with you, only *your*
virtual long time friends, having no other good option remotely.

These QR-codes are meant to be carried mostly on a smartphone and if
required the person can show these per request. When those codes are
scanned with authorized apps no data is stored on third party servers
and only the name and birthday is displayed and the signature verified,
while the holder has to show his id-card as well.

Regards
Stefan


Re: Call me crazy, but ...

2021-07-15 Thread Стефан Васильев via Gnupg-users

Brandon Anderson wrote:
On 14 Jul 2021, at 23:52, Стефан Васильев via Gnupg-users wrote:


It would tell me as 3rd party that for WoT purposes, if this is still used,
Alice and her good friend Bob were able to sign their pub keys remotely,
based on a free of charge verification method.

That’s what ordinary third-party sigs do. Adding medical data to a 
public key does not add anything to the process.


You should also beware that medical information is treated as 
sensitive personal data under GDPR, and this subject to stricter 
rules. Keyserver operators already have enough legal issues handling 
ordinary personal data (email addresses etc) without adding 
vaccination certificates to the dataset.


A

I would argue what he is proposing doesn't do that at all. It is like
publically posting a password to your google account and telling
people they can verify it is your account by trying to sign in! Once
you send your 'proof of identity,' anyone can make the same claims
even if you are not sharing this on a keyserver. It's made worse by
this being something I expect people will be sharing to prove
vaccination, so it will likely have many potential areas to be copied.

If you tell me you have not shared it with anyone yet, that still
means nothing because you could be impersonating the persons whose QR
code you already received from an earlier exchange. Even if this was
not the case, and it indeed was a verifiable secret never shared with
anyone, it does not verify the identity of the public key owner
because it's susceptible to a simple man-in-the-middle attack.

Assume Bob wishes to prove his ownership of public key pub_bob to
Alice. Bob and Alice are communicating in a way compromised by Eve.
Bob affixes his Vaccine QR code to a public key and transmits it to
Alice. On route to Alice, Eve intercepts the public key, generates a
key pair Pub/Priv_eve, adds Bob's QR code to the public key Pub_eve,
and sends it to Alice. Alice sees Pub_eve with Bob's QR code and
concludes that Pub_eve is owned by Bob and signs it as verified.

Again, this is not a secure way to verify identity. Do not do this. It
is considerably worse than just having a public key exchange over the
phone/video call because it gives others a way to impersonate you. If
you wanted to have a video call over the internet and show "proof of
identity" over that call and that was sufficient for you, then fine,
but whatever you do, don't attach your proof of identity to the public
key.


Why do you assume such a workflow?

Alice sends the duplicate ASCII armored in an encrypted and signed
message to Bob.

Bob is already for a long time in possession of Alice's pub key.

After receiving Alice's message he extracts the QR-code, verifies it
and compares both pub keys fingerprints. Once done he deletes the
duplicate and the extracted QR-code.

Finally he can sign Alice's pub key, sends it back to her and she can
then upload it to a keyserver.


When designing a scheme for cryptography, you should always assume the
worst situation, so it is secure in every situation. So in this
hypothetical, you are only using this scheme if Bob has already
somehow verified Alice's public key? How has he managed to do so? I
assume either in person or with the web of trust. However, Bob has
managed to do this should be the same way Alice verified Bob's key.
This brings us right back to the this QR-code does not prove ownership
of Bob's public key. Again if Eve ever has seen this QR-code, either
with an earlier communication or otherwise, Eve could be sending the
encrypted message to Alice with Bob's QR code. From Alice's viewpoint,
who has not verified Bob's public key, there is no way for her to know
who is sending it, so she should not trust it.


How do you initiate a key signing session, with 3 levels, GnuPG offers,
when you started using GnuPG with virtual contacts and what level
would you choose for this proposal? I have witnessed people running
a GnuPG CA with a key certification policy which gave well-known people
remotely a sig2 or 3, without getting in contact with the user and without
asking the user. So much for the classical WoT nobody can rely on.

In Alice and Bob's case, regardless if they sign keys or not, they know
each other for a long time virtually. If Eve would play man in the middle
since they first met, yes then this is a problem, but then (signing or not)
we can consider public key cryptography as a general problem, regardless
if you use GnuPG with all its many features and FAQs or other crypto
software. And here we would be then at the Governikus topic and you
and others can happily ask, why the majority of German GnuPG users
do not use such a fine certification service ... or why other (EU) countries
did not follow the Governikus route (for CA cross certification)???


Regards
Stefan
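
The intercepted exchange quoted in this message and the fingerprint comparison from the reply, modelled as an added example that is not code from any participant in the thread. HMAC stands in for the issuer's public-key signature, keys are random bytes, and every name and value is hypothetical; the point shown is that the issuer's signature covers only name and birthday, never key material.

```python
import hashlib
import hmac
import secrets

# Stand-in for the issuing authority's signing key (assumption: a real
# certificate carries a public-key signature; HMAC keeps this self-contained).
ISSUER_KEY = secrets.token_bytes(32)


def issue_certificate(name: str, birthday: str) -> dict:
    """Issuer signs name and birthday only; no public key is involved."""
    payload = f"{name}|{birthday}".encode()
    sig = hmac.new(ISSUER_KEY, payload, hashlib.sha256).hexdigest()
    return {"name": name, "birthday": birthday, "sig": sig}


def certificate_is_genuine(cert: dict) -> bool:
    """What a verification app checks: the issuer's signature over the data."""
    payload = f"{cert['name']}|{cert['birthday']}".encode()
    expected = hmac.new(ISSUER_KEY, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, cert["sig"])


def new_key(uid: str) -> dict:
    """Model of a public key: a UID chosen by its creator plus key material."""
    return {"uid": uid, "material": secrets.token_bytes(32)}


def fingerprint(key: dict) -> str:
    return hashlib.sha256(key["material"]).hexdigest()


def accept_by_certificate(key: dict, cert: dict) -> bool:
    """Check in the intercepted exchange: genuine certificate, matching name."""
    return certificate_is_genuine(cert) and cert["name"] == key["uid"]


def accept_by_known_fingerprint(key: dict, cert: dict, trusted_fpr: str) -> bool:
    """Check in the reply's workflow: the key must also match a fingerprint
    the verifier already holds from an earlier, authenticated source."""
    return (accept_by_certificate(key, cert)
            and hmac.compare_digest(fingerprint(key), trusted_fpr))


def run_exchange() -> dict:
    cert = issue_certificate("Bob Example", "1980-01-01")  # constructed data
    pub_bob = new_key("Bob Example")
    # The certificate is a copyable bearer token: whoever has seen it can
    # attach it to a key of their own carrying the same UID.
    pub_eve = new_key("Bob Example")
    held_fpr = fingerprint(pub_bob)  # fingerprint the verifier held beforehand
    return {
        "bob_by_cert": accept_by_certificate(pub_bob, cert),
        "eve_by_cert": accept_by_certificate(pub_eve, cert),
        "bob_by_fpr": accept_by_known_fingerprint(pub_bob, cert, held_fpr),
        "eve_by_fpr": accept_by_known_fingerprint(pub_eve, cert, held_fpr),
    }


if __name__ == "__main__":
    for check, accepted in run_exchange().items():
        print(f"{check}: {'accepted' if accepted else 'rejected'}")
```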




Re: Call me crazy, but ...

2021-07-15 Thread Стефан Васильев via Gnupg-users

Andrew Gallagher wrote:
On 14 Jul 2021, at 23:52, Стефан Васильев via Gnupg-users wrote:


It would tell me as 3rd party that for WoT purposes, if this is still used,
Alice and her good friend Bob were able to sign their pub keys remotely,
based on a free of charge verification method.


That’s what ordinary third-party sigs do. Adding medical data to a
public key does not add anything to the process.


If it would be only medical data you are correct! But, and here a big but,
this medical data contains the full name and birthday of the certificate
holder *digitally signed* by EU *authorities* in this field while the cert
holder had to show his *valid* ID-card to the issuer.


You should also beware that medical information is treated as
sensitive personal data under GDPR, and this subject to stricter
rules. Keyserver operators already have enough legal issues handling
ordinary personal data (email addresses etc) without adding
vaccination certificates to the dataset.


As I said a duplicate key is not meant for keyserver distribution and
if this should happen by accident, well then it happened. No one can
be sued about this. It is or was only said in some news that one should
not publish such QR-codes on social media.

Regards
Stefan


Re: Call me crazy, but ...

2021-07-15 Thread Стефан Васильев via Gnupg-users

Brandon Anderson wrote:
On 14 Jul 2021, at 23:52, Стефан Васильев via Gnupg-users wrote:


It would tell me as 3rd party that for WoT purposes, if this is still used,
Alice and her good friend Bob were able to sign their pub keys remotely,
based on a free of charge verification method.

That’s what ordinary third-party sigs do. Adding medical data to a 
public key does not add anything to the process.


You should also beware that medical information is treated as 
sensitive personal data under GDPR, and this subject to stricter 
rules. Keyserver operators already have enough legal issues handling 
ordinary personal data (email addresses etc) without adding 
vaccination certificates to the dataset.


A

I would argue what he is proposing doesn't do that at all. It is like
publically posting a password to your google account and telling
people they can verify it is your account by trying to sign in! Once
you send your 'proof of identity,' anyone can make the same claims
even if you are not sharing this on a keyserver. It's made worse by
this being something I expect people will be sharing to prove
vaccination, so it will likely have many potential areas to be copied.
If you tell me you have not shared it with anyone yet, that still
means nothing because you could be impersonating the persons whose QR
code you already received from an earlier exchange. Even if this was
not the case, and it indeed was a verifiable secret never shared with
anyone, it does not verify the identity of the public key owner
because it's susceptible to a simple man-in-the-middle attack.

Assume Bob wishes to prove his ownership of public key pub_bob to
Alice. Bob and Alice are communicating in a way compromised by Eve.
Bob affixes his Vaccine QR code to a public key and transmits it to
Alice. On route to Alice, Eve intercepts the public key, generates a
key pair Pub/Priv_eve, adds Bob's QR code to the public key Pub_eve,
and sends it to Alice. Alice sees Pub_eve with Bob's QR code and
concludes that Pub_eve is owned by Bob and signs it as verified.

Again, this is not a secure way to verify identity. Do not do this. It
is considerably worse than just having a public key exchange over the
phone/video call because it gives others a way to impersonate you. If
you wanted to have a video call over the internet and show "proof of
identity" over that call and that was sufficient for you, then fine,
but whatever you do, don't attach your proof of identity to the public
key.


Why do you assume such a workflow?

Alice sends the duplicate ASCII armored in an encrypted and signed
message to Bob.

Bob is already for a long time in possession of Alice's pub key.

After receiving Alice's message he extracts the QR-code, verifies it
and compares both pub keys fingerprints. Once done he deletes the
duplicate and the extracted QR-code.

Finally he can sign Alice's pub key, sends it back to her and she can
then upload it to a keyserver.

Regards
Stefan






Re: Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users

Brandon Anderson wrote:

Andrew Gallagher wrote:
On 14 Jul 2021, at 18:34, Стефан Васильев via Gnupg-users wrote:


Viktor wrote:


It's the same as putting any other public information in public key
certificate. You can put first and last name, email address and even
photo of another person.


But this information can be digitally verified and is issued EU wide by
Government trusted sources in this field.


But this puts logical causality the wrong way around. Just because the
thing *being signed* is genuine, does not prove that the thing *doing
the signing* is genuine.

IMO this proposal is abuse of the public key infrastructure. If you
want to sign an ID document, just sign an ID document and distribute
it through other channels. Attaching it as a signed packet to a key
adds zero value, at nonzero cost.


What abuse do you see here, if I may ask? I see it as a non-public option
among virtual GnuPG friends to include in a duplicate certified data, which
is not meant to be distributed on keyservers etc. or made public to
the world and acts for two pub keys comparison.




Again, this does not sound very secure or make much sense to me. It
also seems to make several assumptions that I do not think are proper
in any security situation that would call for GPG to begin with. You
want to share a secret credential that you have with someone not in
person to prove identity, something which can be copied and shared
with others no differently than when you shared it with them. It is
like using a government-backed CA but worse because you give everyone
you communicate with access to the secret. You are assuming the person
you are sharing this picture with won't use it themselves to
impersonate you. You are assuming the communication channel you are
using to share this picture with is secure and not being intercepted
or spied upon, which could result in someone stealing and using this
credential themselves. This then begs the question, if you have a
channel that securely communicates between the two parties (the other
party you trust enough to share this secret credential with) anyways,
what the need for the QR code to begin with is? Just share your public
key and be done with it.


It would tell me as 3rd party that for WoT purposes, if this is still used,
Alice and her good friend Bob were able to sign their pub keys remotely,
based on a free of charge verification method.


Regards
Stefan


Re: Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users



Johan Wevers wrote:


On 14-07-2021 19:32, Стефан Васильев via Gnupg-users wrote:


from trusted EU sources,


We may have a different idea about "trusted". There are enough fake
official ID's, like undercover police uses.


And on the other side the WoT and OpenPGP is/was never accepted in
Internet businesses, politics etc. and super good things like Governikus
never took off among German GnuPG users to spread in the world to
make GnuPG an accepted product for trusted digital signatures in
Internet businesses etc.

Regards
Stefan


Re: Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users

Andrew Gallagher wrote:
On 14 Jul 2021, at 18:34, Стефан Васильев via Gnupg-users wrote:


Viktor wrote:


It's the same as putting any other public information in public key
certificate. You can put first and last name, email address and even
photo of another person.


But this information can be digitally verified and is issued EU wide by
Government trusted sources in this field.


But this puts logical causality the wrong way around. Just because the
thing *being signed* is genuine, does not prove that the thing *doing
the signing* is genuine.

IMO this proposal is abuse of the public key infrastructure. If you
want to sign an ID document, just sign an ID document and distribute
it through other channels. Attaching it as a signed packet to a key
adds zero value, at nonzero cost.


What abuse do you see here, if I may ask? I see it as a non-public option
among virtual GnuPG friends to include in a duplicate certified data, which
is not meant to be distributed on keyservers etc. or made public to
the world and acts for two pub keys comparison.

Regards
Stefan


Re: Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users

Viktor wrote:


It's the same as putting any other public information in public key
certificate. You can put first and last name, email address and even
photo of another person.


But this information can be digitally verified and is issued EU wide by
Government trusted sources in this field.


In general: unless we have other trusted person to verify that public
key belongs to certain person, we can not ensure key owner identity
before we have some transactions signed with this key.


I think nowadays in digital age the time of single individuals who need
to be trusted for digital verification purposes is long over, or how would
you manage this if you, for example, are a trusted person with no
sigs from others and people in other countries should trust you and
your verification skills (and honesty)?


And we should not only trust person that has verified public key
certificate, we should also know and trust the procedure this person
used to verify public key certificate. And this is very important if
there is a dispute, say about a signed contract.


In EU with eID and eIDAS it is all outlined and nobody has again to
trust a single individual or his skill set the person used to verify
a valid certificate.

The reason why I opened this thread was to show users the cheapest[1]
way to put digitally certified data, from trusted EU sources, which can
be digitally verified, into a photo-ID, to bind the included full name to
the same full name as the pub key's UID.

However, just used as duplicate for comparison and not to be uploaded
to keyservers like I said in another reply.

[1] In Germany exists Governikus, which acts on behalf of the BSI as
CA for OpenPGP users for free, but it never took off under German
GnuPG users, because it requires the purchase of a BSI certified
card reader and that the person has already a new ID-card, on which
this functionality is activated in the ID-card chip.

This was the flaw in pgp's web of trust: verification procedures were not known.


I would say they were known, but you could not rely on them.

Regards
Stefan




Re: Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users

accounts-gn...@holbrook.no wrote:

"online decoder" will part of the point is not to upload my qr to some
external site. That should strictly not be necessary.

Are there other qr decode apps (cli) out there that people have used
successfully with the corona qr surveillance trojan?


I don't know, I have only used zbarimg, as described.

Regards
Stefan




Re: Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users

accounts-gn...@holbrook.no wrote:

Maybe a bit off topic, but I've tried zbarimg and qtqr to scan that EU
covid qr code of mine, but neither could do it.

Is that some kind of custom encoding going on?


Yes, it should work. What you can try is to use an online QR decoder
and use from the obtained text the first string (in base45) and save
it in a text file and then run the Golang program only with the text
file. coronadecode -verify < base45string.txt. Without using the
trustparameter it uses then by default the German trustlist.

Regards
Stefan



Re: Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users

Brandon Anderson wrote:

What exactly stops me, a person wanting to impersonate that user, from
putting the same QR-Code I got from that public key into my own
keypair?


Nothing, if you obtained the pub key from a key server! The idea would
be that Alice and Bob, not having a CA, nor WoT signatures, while they
both never met in person, could make a duplicate without the photo-id,
which they always use and upload to key servers etc. and for verification
purposes they could exchange the pub keys with the photo-id for comparison
of both keys. Once compared they both sign then the pub keys which have
no photo-id.

Regards
Stefan



Call me crazy, but ...

2021-07-14 Thread Стефан Васильев via Gnupg-users

if a person, within the EU, would put his COVID vaccination certificate QR-Code
in his pub-key as photo-ID I would say that then another GnuPG user, within
the EU, or maybe later in the U.S. and elsewhere too, would have the assurance,
without that the public key is otherwise signed, that this pub key belongs to that
person.

On GitHub is a decoder available, which allows users to verify the digital signature
of such COVID certs, with trustlists from EU member states.

https://github.com/stapelberg/coronaqr

Regards
Stefan



Re: BSI - Why PQC for Thunderbird and not gpg4win in the first place?

2021-06-30 Thread Стефан Васильев via Gnupg-users

Bernhard Reiter wrote:

To be more specific, the conservative party block (CDU/CSU) in Germany has
been pushing many years for more surveillance, more rights for secret services
and attack capabilities. And the resistance from other parties like SPD, FDP,
attorneys, journalists has been becoming weaker. (Note that the biggest block
of German voters prefer this conservative block, so this is a problem of
convincing more people and changing their vote about those topics). Similar
in Europe and the pandemic has shifted public attention away from the
downsides.

Rumors go that there is a good part that the German BSI may be split up in the
future in what I'd call a "good" and "bad" part. This makes sense, as
if "security" public administrations have legal rights and obligations, they
need technical support and this is typical within the ministry of the
interior. On the other hand the protecting part should be more independent
maybe in the consumer and economy protection with the ministry of justice or
the ministry of economy.


Why not let the BSI play the 'good' guys and ZITiS the 'bad' guys ... ?!

Hopefully BSI will play white hat hackers and publish their findings on
their website.



https://www.zitis.bund.de/DE/Home/home_node.html

P.S. Please dear GnuPG community do not see this thread as off-topic,
because in the future people inside or outside Germany may think of
how to securely and privately communicate globally with their
communication partners.

Regards
Stefan







Re: BSI - Why PQC for Thunderbird and not gpg4win in the first place?

2021-06-29 Thread Стефан Васильев via Gnupg-users

Werner Koch wrote:


On Tue, 29 Jun 2021 15:31, Стефан Васильев said:

I don't understand why the BSI is looking for Post Quantum Cryptography
support with OpenPGP for Thunderbird and not for the promoted gpg4win,


I can't tell you that.  I do not have anymore information than you.
From reading the tender it is clear that this project is for evaluating
new algorithms in a real world application.  The goal is not to kickoff a
new standard or feature.


Ah ok, understand.


As understood, Germany recently passed a law to strengthen authorities
to allow the usage of their Government trojan, which tells me that using


It is quite a problem for the BSI that the gov is trying to shift them
into the same trouble the NSA has.  Protecting the citizen while at the
same time helping to attack them.  Will citizens still be able to trust
them in a few years?


True and a good question!

Regards
Stefan


BSI - Why PQC for Thunderbird and not gpg4win in the first place?

2021-06-29 Thread Стефан Васильев via Gnupg-users

Hello Werner and all,

I don't understand why the BSI is looking for Post Quantum Cryptography
support with OpenPGP for Thunderbird and not for the promoted gpg4win,
in the first place?

Text in German language:

https://www.evergabe-online.de/tenderdetails.html?5=397181

As understood, Germany recently passed a law to strengthen authorities
to allow the usage of their Government trojan, which tells me that using
gpg4win usage on offline devices would be much much more secure than
using Thunderbird on online devices, with PQC support.

Another thing I do not understand is that the winners of NIST's PQC round
three are not yet announced and why is the BSI then not waiting?


Any thoughts to share would be very appreciated.

Regards
Stefan





Re: recommendation for key servers

2021-06-28 Thread Стефан Васильев via Gnupg-users

Andrew Gallagher wrote:

On 28 Jun 2021, at 18:02, Стефан Васильев via Gnupg-users wrote:


When looking at the stats, why are there IMHO such high numbers
(daily) on updated pub keys, compared to submitted ones?


It’s not clear, but it may be due to a lack of canonical ordering of
packets. Say Alice and Bob have both signed my key, but keyserver A
and keyserver B have different copies of my key with Alice and Bob’s
signatures in opposite order from each other. These keys will have
different checksums, even though they contain the same functional
information. If the sync process doesn’t result in A and B reordering
the sigs in the same way, then they will keep syncing (successfully!)
forever, incrementing the number of changes each time.


Ah, thanks. That makes sense, but could be then considered, software
wise, as unwanted behaviour.

Regards
Stefan
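
A toy model of the sync loop described in the quoted reply, added here as an illustration; it is not taken from the thread and is not SKS or hockeypuck code. The packets are constructed byte strings, and the merge rule and the sort-by-hash canonical order are assumptions chosen to show why unordered copies never converge.

```python
import hashlib

# Constructed stand-ins for OpenPGP packets (not real packet encodings).
PUBKEY, UID = b"pubkey:carol", b"uid:carol@example.org"
SIG_ALICE, SIG_BOB = b"sig:alice", b"sig:bob"
SERVER_A = [PUBKEY, UID, SIG_ALICE, SIG_BOB]
SERVER_B = [PUBKEY, UID, SIG_BOB, SIG_ALICE]   # same packets, other order

def digest(packets):
    """Checksum over the packets in stored order."""
    h = hashlib.sha256()
    for p in packets:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.hexdigest()

def stored_order(packets):
    """No normalisation: each server keeps whatever order it has."""
    return packets

def canonical(packets):
    """Key and user ID stay first; signatures are sorted by their hash."""
    sigs = sorted(packets[2:], key=lambda p: hashlib.sha256(p).digest())
    return packets[:2] + sigs

def merge(local, remote, normalise):
    """Union of packets: local order kept, unseen remote packets appended."""
    return normalise(local + [p for p in remote if p not in local])

def sync_rounds(a, b, normalise, rounds=5):
    """Return (rounds counted as an update, whether the checksums agree)."""
    updates = 0
    for _ in range(rounds):
        if digest(a) != digest(b):     # looks like a change to both sides
            updates += 1
            a, b = merge(a, b, normalise), merge(b, a, normalise)
    return updates, digest(a) == digest(b)

if __name__ == "__main__":
    print("no canonical order:", sync_rounds(SERVER_A, SERVER_B, stored_order))
    print("canonical order:   ", sync_rounds(SERVER_A, SERVER_B, canonical))
```

Without a shared ordering every round is counted as an update although no packet is new; with it the two copies agree after the first exchange.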


Re: recommendation for key servers

2021-06-28 Thread Стефан Васильев via Gnupg-users



Jason Harris wrote:


There are still SKS servers running, but several are unsynchronized,
including, apparently, pgp.mit.edu. Of course, they have the same key
import/poisoning problems already mentioned on these lists…

Here are the hockeypuck servers I could find, all synchronizing
properly and apparently exchanging data (minus the unwanted packets)
with the SKS servers that are synchronized:

* http://keys.andreas-puls.de/pks/lookup?op=stats
* http://keys2.andreas-puls.de/pks/lookup?op=stats
* http://keys3.andreas-puls.de/pks/lookup?op=stats
* http://pgp.cyberbits.eu/pks/lookup?op=stats
* http://pgp.re:11371/pks/lookup?op=stats
* https://pgpkeys.eu/pks/lookup?op=stats
* https://keybath.trifence.ch/pks/lookup?op=stats
* https://keyserver.trifence.ch/pks/lookup?op=stats


Thanks for the info.

When looking at the stats, why are there IMHO such high numbers
(daily) on updated pub keys, compared to submitted ones?

Regards
Stefan


piknik with GnuPG

2021-06-27 Thread Стефан Васильев via Gnupg-users

Hello,

some of you maybe know piknik, https://github.com/jedisct1/piknik,
which allows users to copy/paste data over the Internet.

I have installed the software on a VPS so you can try out piknik with
GnuPG messages, prior installing it on an own server.

The installed version is 0.10.1.

Here are the client parameters:

Passphrase: model-narrow-chief-often-under-avocado-dance-course-list-battle



Regards
Stefan



Ditching OpenPGP, a new approach to signing APT repositories

2021-06-27 Thread Стефан Васильев via Gnupg-users

Hello,

maybe interesting for some of you.

https://wiki.debian.org/Teams/Apt/Spec/AptSign

Regards
Stefan


