Re: Proof for a creation date

2016-12-01 Thread Schlacta, Christ
The easiest way is to publish your code to a publicly controlled source
with a signature on or before your desired date. Not sure if there's a
*better* way.

On Dec 1, 2016 7:43 PM, "Bertram Scharpf"  wrote:

> Hi,
>
> we all know that kidnappers do publish a picture of their
> hostage holding up a today's newspaper. The purpose of this is
> to prove that the victim was alive _after_ a certain point
> of time. I want to do the opposite. I want to make evidence
> that I created a document _before_ a certain point of time.
>
> I could use self-darkening ink but that won't be reflected
> in a JPEG scan and my pen won't make the job that TeX does.
> I could sign a newspaper's home page but that cannot be
> reproduced at a later point of time to verify the signature.
>
> Is there a standard way in GnuPG and in the keyholder
> infrastructure to accomplish this task?
>
> Thanks in advance.
>
> Bertram
>
>
> --
> Bertram Scharpf
> Stuttgart, Deutschland/Germany
> http://www.bertram-scharpf.de
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>


Re: [admin] postings from non-subscribers

2016-11-07 Thread Schlacta, Christ
What's annoying is when you're subscribed to a list and receiving posts,
but for some reason when you try to post, it says you're not subscribed and
getting moderated. I've had that happen, but I don't think it's happened
here yet.

On Nov 7, 2016 12:48 PM, "Ralph Seichter"  wrote:

> On 07.11.16 19:06, Werner Koch wrote:
>
> > Our mailing list admins are moderating posts from non-subscribed
> > posters. For many years they are doing this without getting much
> > attention - time for a big KUDOS to them.
>
> That's quite unusual. Thanks to the list admins for their work. Still,
> I personally (!) don't think there is any need to accommodate non-
> subscribers. The whole notion of "I want information but cannot be
> bothered to subscribe" rubs me the wrong way.
>
> -Ralph


Re: [admin] postings from non-subscribers

2016-11-07 Thread Schlacta, Christ
Top posting is easier for some, bottom posting for others. Also, a sane mda
will show all new messages at the bottom, meaning you see the previous
messages above the current message. Leaving the full quote in for those who
aren't using a sane mda to be able to read through and find previous
messages, indented to show threading, is a matter of courtesy.

The only time inline responses make any sense at all is when there are
multiple separate points to respond to, and the only time a bottom post
makes sense is when you want your recipients to have to scroll through the
previous context *twice*, and get annoyed.

On Nov 7, 2016 1:24 PM, "Ralph Seichter" <gnupg...@seichter.de> wrote:

> On 07.11.16 21:59, Schlacta, Christ wrote:
>
> > What's annoying is when you're subscribed to a list and receiving
> > posts, but for some reason when you try to post, it says you're not
> > subscribed and getting moderated.
>
> Used the wrong address to post? Anyway, speaking of annoying things:
> top-posting and full quotes come to mind. :-)
>
> -Ralph


Re: What's the contextual definition of the term?... signature

2016-01-28 Thread Schlacta, Christ
I sent this a while ago in case anybody else wants to read it, but
accidentally only to Don.
On Jan 28, 2016 7:42 AM, "Schlacta, Christ" <aarc...@aarcane.org> wrote:

> Unofficially, but functionally and contextually correct... A cryptographic
> signature is a cryptographically strong hash of a message that has been
> encrypted from an agent's private key to its public key such that anybody
> with the public key can verify the message, yet nobody except the agent
> with the private key could have generated said signature.
> The function is both to verify that the sender specified in the message is
> the one who sent it, and that the message is exactly and only the message
> the sender sent.
> On Jan 27, 2016 7:01 PM, "Don Saklad" <dsak...@gnu.org> wrote:
>
>> What's the contextual definition of the term?... signature
>> as this term is used for GNUpg


PAM authentication with gpg or ssh key

2015-09-28 Thread Schlacta, Christ
Hello list.  I know this isn't exactly on topic, but I think it's
asymptotically close enough to justify asking here.  I'm looking for a
way to authenticate myself to PAM (Specifically sudo) on a remote
server over SSH, though possibly also on a local server using
ssh-agent, if my gpg key is unlocked.  This is particularly relevant
as I store my gpg key in a smart card, and use it to authenticate to
the servers initially.  It would be nice if, while I was out and about
doing remote administrative tasks, I didn't have to take the security
risk of typing in my password where people could shoulder-surf it.  As
I'm using a hardware crypto token (Yubikey Neo actually), I could
actually enable static passwords, or other crypto measures alongside
my yubikey, however, the two best alternative options have less
desirable side-effects.  Namely, the yubikey-pam module requires
communication with the yubico servers to authenticate a key, and the
static password option can easily accidentally dump the plaintext
password into, say, an e-mail or notepad.  Therefore, I'm looking for
a way to have PAM query the ssh-agent remotely, or optionally locally
in rare instances if possible, for authentication.  I've tried
googling for this, but was unable to come up with anything, and was
hoping someone here would know a way.

If it's possible to redirect gpg-agent over ssh as a gpg agent instead
of an ssh agent, it would also be more than sufficient, if not
preferable, so long as it can authenticate to PAM effectively.  It's
worth noting that my primary use case is connecting from windows +
gpg2.1 + putty --> Linux + whatever version of gpg comes from repos.
Current platforms include deb 7,8, and ubuntu 14.04 and 15.04, but in
the future plan to include freebsd and openbsd.



Re: protecting pub-keys from unwanted signatures

2015-08-16 Thread Schlacta, Christ
I'll reiterate that there's really no such thing as unwanted signatures.
The more signatures on a key, the stronger the Web of Trust. End of story.
Please try to understand that no signature is inherently unwanted. Your
proposal, in any form, would weaken gpg on the whole by increasing the
already high burden on users to maintain their keys.
On Aug 16, 2015 10:16 AM, ved...@nym.hush.com wrote:

 On 8/16/2015 at 12:34 PM, Stefan Claas ad...@zwiebelfreund.de wrote:

 Should now GnuPG been enhanced, or the Key Server's been updated,
 similar to the pgp.com one, in order to allow such things not in
 the future?

 =

 It would be very helpful if such a protection against unwanted key
 signatures could be instituted.
 Here is a possible suggestion on how it might be done:

 [1] Have GnuPG require a 'cross-certification' of signatures, similar to
 the cross-certification of subkeys.

 [2] Have GnuPG give a message upon importing a public key, that

 Signatures from keyid's [...], [], and [...] have not been
 cross-certified by their owner,
 Clean these signatures, y / n ? 

 (Alternatively, the default could be:
 These signatures will be removed. If you want to keep them, enter
 'keep-sig' ,

 and then each new sig would be displayed, and if the importer
 wants the sig, the importer would need to enter 'keep-sig' for each sig
 individually.)

 This would require the owners of the keys to do periodic checking of their
 keys and cross-certify the signatures they want.

 It would also be a bit of work for the owners to cross-certify all the
 'good'  signatures they were happy to get.


 Just a suggestion.

 The implementers can best decide how much extra work this would require,
 and if there is a simpler better way to accomplish the desired result.


 vedaal





Re: protecting pub-keys from unwanted signatures

2015-08-16 Thread Schlacta, Christ
On Aug 16, 2015 2:27 PM, Robert J. Hansen r...@sixdemonbag.org wrote:

  What other people do says nothing about me, and everything about
  them.

 Except that 99% of people who see that signature will think you have an
 association with white supremacists.

 Should they?  No.

 Will they?  Yes.

People are stupid. Not necessarily any individual person, but people at
large are.


 The average person doesn't have a formal/mathematical model of trust and
 what it means.  They have a loose, poorly-specified understanding, like
 only sign certificates of people you know well.  This leads them to
 thinking, well, this white supremacist group must know Chris well.
 That's a false inference, but it's one a *large* number of people draw.

  On popular keys,  such as Facebook's, or any other public figure,
  there are going to accumulate signatures that aren't a part of
  anybody's Web of Trust. Until such time that these signatures can
  constitute a genuine threat to the Web of Trust, they're irrelevant.

 So you're now changing your statement: signatures *don't* always
 strengthen the WoT -- a large number of them are irrelevant.  This is
 much closer to reality.

If you rounded up all the signatures on a key server, and just started
deleting them at random, any given deletion is significantly more likely
to weaken the Web of Trust than to make no change, therefore,
mathematically, every signature strengthens the WoT on average.

Let's assign a value of 0 to every irrelevant signature, and a value of 1
to every relevant signature.  The total strength of the Web is the sum of
the keys in the Web.  Then the expected value of any given key's deletion
is in fact a negative value greater than 0, and if we rebuild the Web from
those signatures, the addition of any key has an expected value greater
than 0, therefore, every key strengthens the Web.



gpa and gpgex in gpg 2.1.x releases for windows.

2015-07-02 Thread Schlacta, Christ
As a gpg user, I've been using the gpg 2.1.x releases for a while.  As
of 2.1.1, gpg for windows included gpa and gpgex.  I used them.  Newer
releases didn't remove these features, but didn't upgrade or include
them either.  Now it's difficult if not impossible to install gpa and
gpgex with gnupg 2.1.x series.  Can we get these nearly essential
features added back into the 2.1.x releases going forward please?  If
not, can we have them made into an add-on package so that downloading
them is easy?  Even if they're not fully or properly supported, the
existing functionality like clipboard, and basic key use are quite
important for day to day use of gpg on windows.  Not everybody uses a
dedicated e-mail client, or cares to install one.



Re: Difference Kleopatra vs WinPT

2014-11-29 Thread Schlacta, Christ
You're confusing gpa and winpt. Gpa is the default utility included with
winpt, but kleopatra is also included with winpt. Comparison wise, kleo has
more features, but gpa's features are more... useful? I find myself using
gpa daily, and kleopatra only on rare occasion.
On Nov 28, 2014 11:41 PM, Ben Stover bxsto...@yahoo.co.uk wrote:

 As far as I can see Kleopatra and WinPT are similar, competing tools for
 the same purpose:

 Management of pgp keys & certificates.

 What are the differences in details?

 Which one is better/more used?

 Ben








How much information can be gleaned about a gpg key by possessing both plaintext and ciphertext?

2014-11-21 Thread Schlacta, Christ
I know some encryption schemes reveal more information about the keys used
when an attacker has both the plaintext and the ciphertext.  In general,
how much information does GPG reveal in such situations?
How much plaintext/ciphertext matched data would an attacker need (An order
of magnitude is fine) before being able to reverse enough of the key to be
meaningful on fairly modern computers?


Re: How much information can be gleaned about a gpg key by possessing both plaintext and ciphertext?

2014-11-21 Thread Schlacta, Christ
So to summarize, the best way to try this attack would be to encrypt lots
of small messages to a dummy key and a target key because the only knowable
plaintext is the session key. However, there's no known or reasonably
suspected method of plaintext attack anyway, so all this data is believed
to be a waste. Correct me if I'm wrong, and thank you all for the prompt
and consistent replies
On Nov 21, 2014 7:59 AM, ved...@nym.hush.com wrote:

 On 11/21/2014 at 4:57 AM, Christ Schlacta aarc...@aarcane.org wrote:

 how much information does GPG reveal in such situations?

 =

 GnuPG works by using hybrid encryption:

 [1] The plaintext is converted to ciphertext using a block cipher, with
 GnuPG generating a random session key for the encryption

 [2] The random session key is then encrypted to the recipient's public key.

 [3] The recipient uses the private key to recover the session key in [2],
 which is then used to decrypt the plaintext in [1].


 No amount of plaintext and ciphertext reveal anything about the
 recipient's *Private* key.
 (The recipient's public key is usually *public* and known already).

 That said,
 Any attacker can simultaneously encrypt to a 'Target' public key, and to
 the Attacker's own public key.

 The Attacker can then recover the session key by decrypting with the
 Attacker's private key.
 This 'session key' is the only thing that can be used as the plaintext
 that is encrypted to the Target's public key.


 An attacker now knows:

 (a) The *ciphertext*, which is the session key encrypted to the Target's
 public key.

 (b) *PART* of the *plaintext*, which is the session key, since it was
 encrypted to the attacker's public key.
 (It is only *part* because the session key is padded with a *different*
 padding for each key to which it is encrypted,
 even when the same session key is simultaneously encrypted to different
 public keys.)

 (c) The Target's Public key.

 The Attacker can generate an unlimited amount of messages in this way.

 Using this information the attacker now wants to find/reconstruct the
 Target's Private key.


 I don't know that much about attacking RSA  Key Pairs in trying to find
 the Private Key, (other than factoring the modulus),
 but suffice it to say, that in the over 20 years that RSA has been around
 and many different attacks have been tried,
 *this* type of attack has not seemed feasible enough for anyone to try.

 So,
 Short summary,

 No useful information can be gleaned.


 vedaal



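The exchange vedaal describes in the quoted reply above, as an added example that is not part of the thread: one session key is encoded as in RFC 4880 section 5.1, padded with EME-PKCS1-v1_5 and encrypted to two RSA keys. The toy keys (products of Mersenne primes) and all function names are constructed for illustration and are not secure.

```python
"""Added illustration: one session key encrypted to two recipients.
Toy RSA keys are constructed for this example and are NOT secure."""
import secrets

E = 65537  # public exponent used by both toy keys


def make_key(p, q):
    """Build a toy RSA key from two known primes (constructed, insecure)."""
    n = p * q
    return {"n": n,
            "d": pow(E, -1, (p - 1) * (q - 1)),   # private exponent
            "k": (n.bit_length() + 7) // 8}       # modulus length in bytes


# Constructed keys: Mersenne primes are used only so the example runs
# offline without a prime generator. Real keys never look like this.
TARGET = make_key(2**521 - 1, 2**607 - 1)
ATTACKER = make_key(2**127 - 1, 2**107 - 1)


def encode_session_key(key, algo_id=7):
    """RFC 4880 5.1: algorithm octet, key, two-octet additive checksum."""
    return bytes([algo_id]) + key + (sum(key) % 65536).to_bytes(2, "big")


def pad(m, k):
    """EME-PKCS1-v1_5: 00 02 <random non-zero bytes> 00 <message>."""
    ps_len = k - len(m) - 3
    if ps_len < 8:
        raise ValueError("modulus too small for this message")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    return b"\x00\x02" + ps + b"\x00" + m


def unpad(em):
    """Strip the padding; the first zero byte after the header ends it."""
    if em[:2] != b"\x00\x02":
        raise ValueError("bad padding header")
    sep = em.index(b"\x00", 2)
    if sep < 10:
        raise ValueError("padding string shorter than 8 bytes")
    return em[sep + 1:]


def encrypt_to(key, m):
    """Return (ciphertext, padded block); the block is kept for inspection."""
    em = pad(m, key["k"])
    return pow(int.from_bytes(em, "big"), E, key["n"]), em


def decrypt(key, c):
    return unpad(pow(c, key["d"], key["n"]).to_bytes(key["k"], "big"))


def demo():
    m = encode_session_key(secrets.token_bytes(16))
    c_target, em_target = encrypt_to(TARGET, m)
    c_attacker, _ = encrypt_to(ATTACKER, m)
    c_target_again, _ = encrypt_to(TARGET, m)
    return {
        # The second recipient recovers the session key with its own key.
        "attacker_knows_m": decrypt(ATTACKER, c_attacker) == m,
        # What it still lacks: the random padding inside the target's block.
        "unknown_padding_bytes": len(em_target) - len(m) - 3,
        # Fresh padding makes every encryption of the same key different.
        "same_ciphertext_twice": c_target == c_target_again,
        "target_decrypts": decrypt(TARGET, c_target) == m,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The padding is what makes the known part of the plaintext "only part": the second recipient learns the 19-byte encoded session key but none of the random bytes that fill the rest of the block encrypted to the target key.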


Re: Symmetrical encryption or ...

2014-11-21 Thread Schlacta, Christ
For a password safe you might look into existing solutions, such as
keepass(x) or other similar password storage solutions
On Nov 21, 2014 10:29 AM, Dave Pawson dave.paw...@gmail.com wrote:

 Thanks Robert. I'll give it a try.

 regards Dave P

 On 21 November 2014 18:24, Robert J. Hansen r...@sixdemonbag.org wrote:
  Only I use the two machines, but need the file encrypted.
 
  Any alternatives to symmetrical encryption of a file?
 
 
  Not really.  Sym would appear to be ideal for your use case.
 
 



 --
 Dave Pawson
 XSLT XSL-FO FAQ.
 Docbook FAQ.
 http://www.dpawson.co.uk



Re: Encryption on Mailing lists sensless?

2014-11-21 Thread Schlacta, Christ
On Nov 21, 2014 8:55 PM, Ingo Klöcker kloec...@kde.org wrote:

 On Thursday 20 November 2014 14:36:35 Schlacta, Christ wrote:
  On Nov 20, 2014 1:58 PM, Ingo Klöcker kloec...@kde.org wrote:
   On Tuesday 18 November 2014 22:43:18 MFPA wrote:
   KMail encrypts an individual copy for each BCC recipient. I thought
   Thunderbird+Enigmail would also do this.
  
   Any mail client not doing this completely subverts BCC (unless
   --throw-keyids or --hidden-recipient is used, but even throwing the key
   IDs still leaks the number of hidden recipients).

  There's nothing preventing a list server or mail client from
  intentionally adding a pseudo random quantity of invalid or junk keys to
  the recipient list, thus obfuscating the number of additional recipients,
  only providing an upper bound to the estimate.

 Adding additional junk keys doesn't help if the recipient (or the
 recipients) expect a certain number of recipients. If the message is
 encrypted to more than (expected number of recipients)+1 (for encrypt to
 sender) then the recipients most likely will wonder who the other
 recipients are. You'll have a hard time convincing them that the other
 recipients are just fakes to confuse a third party intercepting the
 messages.

Perhaps a future version of the pgp specification should say something akin
to gpg should always add a number of junk keys, perhaps to pad the key list
out to one from a list of constant sizes, just to ensure that nobody can
know for sure how many recipients there are (except the sender), and can at
best place an upper bound. Perhaps the valid keys should be placed
pseudorandomly throughout the constant sized key table


Re: Encryption on Mailing lists sensless?

2014-11-20 Thread Schlacta, Christ
On Nov 20, 2014 1:58 PM, Ingo Klöcker kloec...@kde.org wrote:

 On Tuesday 18 November 2014 22:43:18 MFPA wrote:
 KMail encrypts an individual copy for each BCC recipient. I thought
 Thunderbird+Enigmail would also do this.

 Any mail client not doing this completely subverts BCC (unless
 --throw-keyids or --hidden-recipient is used, but even throwing the key
 IDs still leaks the number of hidden recipients).
There's nothing preventing a list server or mail client from intentionally
adding a pseudo random quantity of invalid or junk keys to the recipient
list, thus obfuscating the number of additional recipients, only providing
an upper bound to the estimate.


Re: Encryption on Mailing lists sensless? (was: Re: GPG API: Open Crypto Engine)

2014-11-17 Thread Schlacta, Christ
Most of the technical reasons can be bypassed by making a single subscriber
key (public and private) available as a part of the subscription process,
but that eliminates most of the technical advantages of encryption, so it's
really a moot point.
On Nov 17, 2014 8:52 AM, Matthias Mansfeld 
m.mansf...@mansfeld-elektronik.de wrote:

 Quoting Werner Koch w...@gnupg.org:

  On Mon, 17 Nov 2014 13:33, n...@goodcrypto.com said:

  GoodCrypto warning: Anyone could have read this message. Use encryption,
 it works.


 That does not make any sense on a public mailing list.  We write here
 for the public - it is non-encrypted for a purpose.

 scnr,


 ... Er, this is Nan's Signature for everything. Maybe he should add the
 usual -- above.

 But sorry, I disagree a little bit. If we want literally to jam the secret
 service's attempts to decrypt mails, then it makes sense to use encryption
 for every single mail, private, business, nonsense and spam

 Technical reasons, NOT to encrypt on a list server are another discussion.

 Best regards
 Matthias
 --
 Matthias Mansfeld Elektronik * Leiterplattenlayout
 Neithardtstr. 3, 85540 Haar; Tel.: 089/4620 093-7, Fax: -8
 Internet: http://www.mansfeld-elektronik.de
 GPG http://www.mansfeld-elektronik.de/gnupgkey/mansfeld.asc




Re: Encryption on Mailing lists sensless?

2014-11-17 Thread Schlacta, Christ
I wouldn't say invite only. Contrariwise, when you send the subscribe
email, in the immediate, automatic response would be the public and private
key, optionally encrypted to the recipient. Open enrollment, public
availability. Just making the data obfuscated in transit.
On Nov 17, 2014 10:15 AM, Werner Koch w...@gnupg.org wrote:

 On Mon, 17 Nov 2014 18:48, aarc...@aarcane.org said:
  Most of the technical reasons can be bypassed by making a single
  subscriber key (public and private) available as a part of the
  subscription process,

 And by that you would disrupt the open discussion and knowledge culture
 and return to an invitation only BBS network.  The mailing lists are
 archived and indexed to spread knowledge and not to lock out most
 people.

 Private mailing lists are of course a different thing.


 Salam-Shalom,

Werner

 --
 Thoughts are free.  Exceptions are regulated by a federal law.




Re: DSA key sizes

2014-11-10 Thread Schlacta, Christ
I'm going to go out on a limb and suggest that gpg should support
government sponsored cryptographic standards whenever possible, but should
consider the highest government sponsored requirement as a minimum
requirement to actually implement. DSA 4096, 5120, and 8192 should be
available when governments advocate 3072. Governments are notorious for
understating cryptography requirements. I also find the rainbow table
fairly probable. Someone on this list should start a project to compute one
on Amazon s3 and see how long it would take and how much it would cost.
Given the recent demonstration of an md5 break for less than a dollar on s3
gpu nodes, I'd not be surprised to see it in under a year.
On Nov 10, 2014 9:39 AM, Nan n...@goodcrypto.com wrote:

 Nicholas,

 DSA was certainly compromised in the past. Some people think it isn't
 anymore.

 It doesn't matter much whether NIST knew or was conned. NIST didn't change
 their Elliptic Curve spec until Snowden published proof of a backdoor. Then
 they adjusted the spec as little as possible. NIST's DSA standard has
 shifted similarly.

 In our view it's generally better to avoid state sponsored standards.

 From https://goodcrypto.com/qna/technical/dsa-flaws/:

 DSA (U.S. Digital Signature Algorithm) keys haven't made the news, but
 they should. Here's a sentence from the ssh-keygen man page:

 DSA keys must be exactly 1024 bits as specified by FIPS 186-2.

 First, why should the whole world be restricted by a U.S. FIPS (Federal
 Information Processing Standard)? In this case it's obvious. NSA very
 likely has rainbow tables for DSA 1024 bit keys. The standard was
 compromised right in the open by not allowing longer keys.

 But it's worse than it appears. The SSH spec says exactly 1024 bits, not
 1024 bits or less. Why? Because NSA wanted the key length to sound as
 safe as possible, but still make everyone vulnerable to their attacks.

 Rainbow tables take a lot of resources to generate. The spec says
 exactly because that rainbow table is half of the size of a rainbow table
 for 1024 bits or less. NSA specified exactly 1024 bits to cut their
 work in half.

 The standard has been updated, but ssh-keygen shows their past behavior.
 We see no reason to believe it has changed.

 More detail: X is the size of the table at exactly 1024 bits. The table
 size for 1023 is 1/2 X, for 1022 it's 1/4 X, etc. Then (X + 1/2 X + 1/4 X +
 ...) is 2X.

 Nan

 GoodCrypto warning: Anyone could have read this message. Use encryption,
 it works.



Re: DSA key sizes

2014-11-10 Thread Schlacta, Christ
On Nov 10, 2014 10:48 AM, Robert J. Hansen r...@sixdemonbag.org wrote:

 DSA 4096, 5120, and 8192 should be available when governments
 advocate 3072.


 The USG does not advocate any particular key size.  They've made DSA
 available in three sizes (as of FIPS 180-something) to support a variety
 of different needs.


 I also find the rainbow table fairly probable.


 I don't want to sound blunt, but I respectfully suggest you don't
 understand how rainbow tables work.

 They aren't used against signature algorithms.  They're used against
 *hash algorithms*.  Huge difference.  If you have a rainbow table that
 can break SHA-1 (not that I think one exists today), then it's
 completely useless against RIPEMD-160 or truncated SHA-256.

 If anyone wanted to use rainbow tables against DSA-1024, they would need
 some way to ensure that only one particular hash algorithm could be used
 with DSA-1024.  Instead, DSA-1024 just requires 160 bits of hash.
 SHA-1, RIPEMD-160, Tiger-192, WHIRLPOOL, SHA-224/160, SHA-256/160,
 SHA-384/160, SHA-512/160...

I'm proposing, or supporting the hypothesis at least, that a government
agency has a rainbow table mapping one dsa public key to the corresponding
private key, and vice versa. Given the amount of time and the amount of
resources at their disposal, it's not that improbable for a 1024 bit
keysize.





Re: Update on USG, Software, and the First Amendment

2014-10-28 Thread Schlacta, Christ
I'll add my +1 to the request
On Oct 28, 2014 12:08 AM, Bob Holtzman hol...@cox.net wrote:

 On Mon, Oct 27, 2014 at 02:20:36PM -0400, Robert J. Hansen wrote:
  Just received word back from a friend of mine who's a law professor
  focusing in electronic civil liberties, and is a former Commissioner of
  the FCC to boot.  He's skeptical that ITAR/EAR enforcement will affect
  U.S. hackers participating in libre software development.  More than
  that I can't/shouldn't say, since he was writing off-the-cuff in a
  personal email rather than carefully drafting remarks for public
  consumption.
 
  He rather likes writing short essays on law.  If there's interest, I'll
  try and talk him into writing something layman-friendly about ITAR/EAR,
  cryptography, and the First Amendment.

 Great interest here.

 --
 Bob Holtzman
 Giant intergalactic brain-sucking hyperbacteria
 came to Earth to rape our women and create a race
 of mindless zombies.  Look!  It's working!



Re: Back to normal now

2014-08-13 Thread Schlacta, Christ
You could have just booted in from the lxde DVD and reset your password...
On Aug 13, 2014 11:22 AM, da...@gbenet.com da...@gbenet.com wrote:

 Hauke,

 Yesterday whilst figuring out what to do, I found that I was logged out -
 my Linux box refused to accept my password.

 Anyway having copied the contents of my home directory - I reinstalled
 LXDE. Then slowly configured. I installed gpg2 - created the directory and
 associated files and then copied over my files.

 All works perfectly now - thanks to being locked out!!

 David

 --
 “See the sanity of the man! No gods, no angels, no demons, no body.
 Nothing of the kind. Stern, sane, every brain-cell perfect and complete
 even at the moment of death. No delusion.”
 https://linuxcounter.net/user/512854.html - http://gbenet.com



Re: Where to save passphrases?

2014-07-29 Thread Schlacta, Christ
As much as I'm sure there will be objections to this, I'd like to
re-suggest that you utilize the one password for all keyrings method.  So
long as those keyrings are physically on premises, and you practice good
password habits, such as never using your master password for remote
services, changing them often, and using a strong password; you should be
fine
On Jul 28, 2014 12:57 PM, Heinz Diehl h...@fritha.org wrote:

 On 28.07.2014, Bob (Robert) Cavanaugh wrote:

  It is a pain to re-enter the passphrase,
  but is required by our threat model.

 Maybe a smartcard could be the solution. After you have installed your
 key on the card, only a numeric PIN is required, which is MUCH easier
 to enter frequently.




Re: mailto with pgp fingerprint

2014-07-25 Thread Schlacta, Christ
On Jul 25, 2014 5:30 AM, MFPA 2014-667rhzu3dc-lists-gro...@riseup.net
wrote:


 Hi


 On Wednesday 23 July 2014 at 9:02:23 PM, in
 mid:109d2e39-c8dc-4cbc-a404-a5bd1b130...@gpgtools.org, steve wrote:


  Wouldn’t it be a nice solution, if key server software
  had a mechanism for users to verify their UserID by
  sending a mail to the mail address in question.

 If I recall correctly, PGP's keyserver PGP Global Directory sends an
 email to each email address in the uids when a key is submitted, and
 only lists those uids whose email address replies. It re-sends these
 verification emails every six months, and deletes keys if there is no
 reply. It also allows anybody with access to your email address to
 delete your key and upload a different one, according to Wikipedia
 [0].

I just recently published a number of keys, and never noticed any such
emails.


 [0] 
https://en.wikipedia.org/wiki/Key_server_%28cryptographic%29#Problems_with_keyservers


 - --
 Best regards

 MFPA mailto:2014-667rhzu3dc-lists-gro...@riseup.net

 Yellow snow is not lemon flavoured


Re: Where to save passphrases?

2014-07-25 Thread Schlacta, Christ
I might suggest using the same passphrase you use for your password
manager for GPG.  So long as you use a strong passphrase and practice
good password practices on this password, it should remain
uncompromised.

On Fri, Jul 25, 2014 at 2:36 PM, Mathias Bauer mba...@mailbox.org wrote:
> * Sudhir Khanger wrote on Fri, 25 Jul 2014, at 23:10 (+0530):
>
> > I was wondering once you have a working setup where do you save
> > your passphrases of your master and multiple subkeys.
>
> Usually it's *one* passphrase for the whole GnuPG key material.
> And even more usually this one is stored in one's human brain.
> (Some special scenarios may handle this differently.)
>
> > Is it safe to use some sort of password manager? Not really
> > ideal but I use LastPass.
>
> Maybe human brain is not ready for storing a great and still
> growing number of passwords, but it is capable to store at least
> a very small number of important passphrases.  For all those
> other passwords using a password manager may be just fine.
>
> So, if you're using a password manager for your GnuPG passphrase,
> you will either run immediately into a chicken egg dilemma as the
> manager needs a password, too.  Or you might not be concerned at
> all about security and might ask yourself why using GnuPG anyway.
>
> I'm sorry, there are only these two possibilities.
>
> Regards,
> Mathias
>
> --
> CAcert Assurer
>
> Do you want to encrypt your mail?  Then join CAcert and get your SSL
> certificate from https://www.CAcert.org.  If you have any questions,
> don't hesitate to ask.
>
> OpenPGP:  ID 0x44C3983FA7629DE8 - http://www.sks-keyservers.net
> Fingerprint: B100 5DC4 9686 BE64 87E9  0E22 44C3 983F A762 9DE8



Re: email bot for PGP/MIME PGP/Inline conversion

2014-07-14 Thread Schlacta, Christ
Verify, strip, resign. Of course each person would have to configure their
own trusted MTA.  If it got compromised, it could either falsely verify
inbound mail to them, or spoof outbound mail as them, dependent on which
function it was configured to perform.

On Jul 14, 2014 10:22 AM, martijn.list martijn.l...@gmail.com wrote:

> On 07/14/2014 06:18 PM, Doug Barton wrote:
> > On 07/14/2014 09:06 AM, martijn.list wrote:
> >
> > > Unfortunately this won't work. You cannot convert a PGP/MIME message
> > > into a PGP/INLINE message and vice versa. With a PGP/MIME message, the
> > > complete MIME structure is signed and/or encrypted. This includes
> > > attachments etc.
> >
> > In the absence of attachments, I'm fairly certain you're wrong about
> > that. I've written a script to verify the signature of PGP/MIME
> > messages, and the signature is over the message itself (again, in the
> > absence of attachments). It should be fairly simple to take that script
> > and output the message body with a synthesized inline signature.
>
> Yes with a text only message it should work. But if you have a
> multipart/alternative message (i.e., text and html part) you'll run into
> troubles.
>
> > Attachments add a lot of complexity, but even there it should be doable,
> > just a SMOP.
>
> But how? you can of course show the complete MIME structure but that is
> not very informative I would think. Perhaps I'm missing something though.
>
> > The thing that would trip you up are message types that can only be
> > successfully signed with PGP/MIME, like HTML, and certain character
> > encodings. So you could never have a completely successful solution, but
> > you could probably get to 80% or so with a minimum of difficulty.
>
> With "unfortunately won't work", I meant "won't work in the general case"
> :) Of course there will be cases where it will work. The problem is that
> since the original message is encrypted, you cannot know for sure for
> which message it will work and for which message it won't. But if
> someone is happy with 80% reliability then you might make people happy
> with such a service.
>
> Kind regards,
>
> Martijn Brinkers
>
> --
> CipherMail email encryption
>
> Open source email encryption gateway with support for S/MIME, OpenPGP
> and PDF messaging.
>
> http://www.ciphermail.com
>
> Twitter: http://twitter.com/CipherMail

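The disagreement in the thread above turns on which bytes a PGP/MIME signature covers. The following is an added example, not code from the thread or from any poster's script: it slices the signed part out of a multipart/signed message and reports whether that part is a lone text/plain body, the one case the thread agrees can be re-emitted inline. The function names and both sample messages are constructed for illustration.

```python
import email
import re
from email import policy

def signed_entity(raw: bytes):
    """Return (signed_bytes, content_types, inline_ok) for a PGP/MIME signed mail.

    Hypothetical helper for illustration; not taken from the thread.
    """
    msg = email.message_from_bytes(raw, policy=policy.default)
    if (msg.get_content_type() != "multipart/signed"
            or msg.get_param("protocol") != "application/pgp-signature"):
        raise ValueError("not a PGP/MIME signed message")
    # The signature covers the first body part *with* its MIME headers, in
    # CRLF form, so slice the raw bytes instead of re-serialising a parse.
    body = raw.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")
    delim = rb"\r\n--" + re.escape(msg.get_boundary().encode("ascii"))
    # The CRLF before a delimiter belongs to the delimiter (RFC 2046).
    chunks = re.split(delim + rb"(?=(?:--)?[ \t]*(?:\r\n|$))", body)
    if len(chunks) < 4:
        raise ValueError("expected a signed part and a signature part")
    signed = chunks[1].split(b"\r\n", 1)[1]
    part = email.message_from_bytes(signed, policy=policy.default)
    types = [p.get_content_type() for p in part.walk()]
    # Only a lone text/plain body can be re-emitted as an inline-signed text.
    inline_ok = (types == ["text/plain"]
                 and part.get_content_disposition() != "attachment")
    return signed, types, inline_ok

def _wrap(inner: str) -> bytes:
    """Constructed sample envelope with a placeholder instead of a signature."""
    return ("From: alice@example.org\n"
            "Content-Type: multipart/signed; micalg=pgp-sha512;\n"
            ' protocol="application/pgp-signature"; boundary="sig"\n'
            "\n--sig\n" + inner + "\n--sig\n"
            "Content-Type: application/pgp-signature\n\n"
            "(constructed placeholder, not a real signature)\n--sig--\n").encode()

TEXT_ONLY = _wrap("Content-Type: text/plain; charset=utf-8\n\n"
                  "Hello list,\nplain text only.\n")
ALTERNATIVE = _wrap('Content-Type: multipart/alternative; boundary="alt"\n\n'
                    "--alt\nContent-Type: text/plain\n\nHello\n"
                    "--alt\nContent-Type: text/html\n\n<p>Hello</p>\n--alt--\n")

if __name__ == "__main__":
    for name, raw in (("text only", TEXT_ONLY), ("alternative", ALTERNATIVE)):
        signed, types, ok = signed_entity(raw)
        print(f"{name}: {len(signed)} signed bytes, parts={types}, inline_ok={ok}")
```

The returned bytes are what a detached-signature check has to be run over. When the signed part is multipart or HTML, the MIME headers and boundaries inside it are part of the signed data, which is why the thread treats those messages as the hard case.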


How to add secondary uid?

2014-07-13 Thread Schlacta, Christ

I've googled, and I've searched, and I've tried and I've screwed up
and deleted without sending to keyserver...  but I can't for the life
of me figure out how to add my lesser used e-mails to my gpg key as
secondaries.  Every time I try, they become the primary uid, and
completely unsigned by the people who have signed my primary UID, as
well.  Not sure how to add the secondaries...  but I figure one of you
will know.  How do I add secondary UIDs to my gpg key?


Re: how to do

2014-07-09 Thread Schlacta, Christ
Depending on how many users are expected to have access to this file, you
can just maintain a public keyring that everyone has.  You then have
everyone encrypt to the list of everyone, and then anyone can decrypt it
with their private key and password and re-encrypt to everyone.  This
solution scales poorly, and so should be used only on a small scale.

For a larger scale, you probably want a more robust solution.

On Jul 8, 2014 10:16 AM, Gould, Michael (RIS-BCT) michael.go...@lexisnexis.com wrote:

> Currently we do not use pgp for email, only to decrypt and/or
> encrypt customer files for processing.  We currently use a single user id
> for this however this doesn’t allow us to audit the use.  What I was
> wondering is can I create a public key that has everyone’s email address in
> it that should have access to a specific private key?  If not any other
> suggestions or example or URL of places that have detailed explanations
> would be appreciated.
>
> Best Regards
>
> Michael Gould


Greetings everybody, new user here

2014-07-07 Thread Schlacta, Christ

Hi everyone.  I just signed up to this list and thought to introduce
myself.  I've been aware of gpg for a long time, but seldom have I had
occasion to actually use it.  Well, now I do, so I'm all signed up and
introducing myself.  As you can probably see, my name is Christ.  I
work in the web development industry and have ties to the security
sector.  Surprising as it is, most people I communicate with simply
don't use GPG, so I've never had occasion to use it beyond the
occasional verification of a package or download.  Well, now I have my
own key, 389B07F6, published to the local keyservers, and I joined the
list.  I have a few minor issues I'll post about separately as
occasion arises.


Key server long propagation delays?

2014-07-07 Thread Schlacta, Christ

I was recently setting up my new keys along with some other people,
and I discovered that as soon as one of my cohorts sent their keys and
received confirmation, I could retrieve the keys and they showed up.
When I sent stuff to the key servers, however, they couldn't retrieve
them for upwards of several minutes.  Later in the evening, we both
sent each other's signed certificates back to the key servers, and
that propagation delay was several HOURS in duration.  We made sure to
both send to the same key servers, and we tried multiple different
keyservers, but ultimately the only solution was to wait.
Furthermore, I failed in attempts to google this problem, and couldn't
find any documentation on key server change propagation delays.  I
wanted to know if what we've observed is normal, and if so, if there's
any way we can reduce the time it takes our keys to be visible to each
other.

Thanks in advance!