Erik de Castro Lopo wrote:
Jeff Waugh wrote:
Maybe not so silly.
Obviously you don't want to use to use public key encryption because that
would put the private key, the public key and the cipher text all on the
same machine. That makes the encrypted data only as secure as the machine
it's sitting on.
Errr, I don't think that's right. Even if they have the machine, they still
don't have the pass phrase. Is that right? Any crypto gurus out there?
Essentially, you're correct. A private key (file, chunk o' text, etc) is
actually a copy of your private key (the really long number) that's been
symmetrically encrypted (with a password as a key).
Unfortunately, passwords suck for security (mainly because we suck at
making them up and remembering them). So, if you store the keys and the
ciphertext together, rather than having a couple of pretty good layers
of security (some of which are cryptographically strong), you're left
with one pretty brittle one.
There's nothing stopping you keeping the private key separate, though -
on a usb key, for instance.
It's worth noting here that public key crypto wasn't built for this sort
of thing, though, so I'd want to have a long hard think about the design
and whether you were doing anything new, lest you introduce some weird
vulnerability. Particularly since everyone else seems to do away with
the abstraction and use a symmetric cipher.
Anyway, based on the idea that public key crypto is still Ok for this,
I spent a couple of hours and bashed out a little app using libgpgme
and that seems to work for me.
This isn't the world's brightest idea -- no offence -- almost every
single piece of "secure" software out there has been shown to have
vulnerabilities at one point or another, and you'll find that almost all
of those vulnerabilities were related to implementation (assuming they
weren't so stupid as to try their own cipher *cough*css*cough*). It's
basically impossible to factor every attack vector for an app, and
you'll probably go insane trying. :) (as I understand it, the only
accepted methodology seems to be peer review)
Of course, it depends on how secure you want the info you're protecting
to be. Building on a solid crypto library is a really good start, but
for your particular app, there are much easier attacks I'd be looking at
first, like how you're storing the plain text prior to encryption
(memory structure), what you're using to edit the text (oh, you're not
using an off-the-shelf are you? bzzt! Most of them have a temp file!),
right down to file formats (how do you serialise the data prior to
encryption without weakening the crypto scheme?), and what you do with
the data in memory prior to encrypting it (PasswordSafe goes so far as
to implement a new version of strcpy after they decided that the
standard version didn't clean up safely).
Then I found the -x option in Vim. Anyone know what crypto algorithm it
uses? I really hope it's not XOR.
Heh. Your garden variety symmetric cipher is a series of functions and
XORs. :)
Cheers,
Matt
P.S. Wikipedia seems to have a pretty good introduction to symmetric
cryptography and its (dis)advantages:
http://en.wikipedia.org/wiki/Symmetric_cryptography
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
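The point made in the thread, that a "private key file" is really the raw key material symmetrically encrypted under a passphrase-derived key, so a stolen file is only as strong as the passphrase, is easy to make concrete. The Python below is an added example written for this page, not code from the thread or from Matt's libgpgme app. It wraps a constructed 32-byte stand-in for a private key: the passphrase is stretched with PBKDF2 (the slow derivation is what makes guessing expensive), the key is encrypted, and an HMAC tag makes a wrong passphrase or a tampered file fail cleanly instead of yielding garbage. The HMAC-counter stream in keystream_xor is a stand-in for a vetted cipher such as AES-GCM so the example runs on the standard library alone; in a real tool use an established library. All names and the sample key are assumptions of this example. (On the Vim question in the thread: Vim's original -x method, cryptmethod "zip", is a PkZip-compatible scheme that is not considered strong; later versions added "blowfish2".)

```python
import hashlib
import hmac
import os
import struct

# Constructed sample "private key": stands in for the raw key material
# (the "really long number") that a real private key file protects.
SAMPLE_PRIVATE_KEY = bytes(range(32))

# Iteration count for PBKDF2; higher means each passphrase guess costs more.
PBKDF2_ITERATIONS = 200_000


def derive_keys(passphrase: str, salt: bytes, iterations: int) -> tuple:
    """Stretch the passphrase into a 32-byte encryption key and a 32-byte MAC key."""
    material = hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, iterations, dklen=64
    )
    return material[:32], material[32:]


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy counter-mode stream: block i of keystream = HMAC-SHA256(key, nonce || i).

    Illustrates "functions and XORs"; stand-in for a vetted cipher, not for production.
    The same call both encrypts and decrypts because XOR is its own inverse.
    """
    out = bytearray()
    for i in range((len(data) + 31) // 32):
        block = hmac.new(key, nonce + struct.pack(">Q", i), hashlib.sha256).digest()
        chunk = data[i * 32:(i + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, block))
    return bytes(out)


def wrap_private_key(private_key: bytes, passphrase: str,
                     iterations: int = PBKDF2_ITERATIONS) -> dict:
    """Produce the on-disk blob: salt, nonce, iterations, ciphertext and MAC tag."""
    salt = os.urandom(16)
    nonce = os.urandom(16)
    enc_key, mac_key = derive_keys(passphrase, salt, iterations)
    ciphertext = keystream_xor(enc_key, nonce, private_key)
    # The tag covers the parameters too, so an attacker cannot lower the
    # iteration count or swap the salt without detection.
    header = salt + nonce + struct.pack(">I", iterations)
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "iterations": iterations,
            "ciphertext": ciphertext, "tag": tag}


def unwrap_private_key(blob: dict, passphrase: str) -> bytes:
    """Recover the key material; raise ValueError on wrong passphrase or tampering."""
    enc_key, mac_key = derive_keys(passphrase, blob["salt"], blob["iterations"])
    header = blob["salt"] + blob["nonce"] + struct.pack(">I", blob["iterations"])
    expected = hmac.new(mac_key, header + blob["ciphertext"], hashlib.sha256).digest()
    # Constant-time compare; a bare == would leak timing information.
    if not hmac.compare_digest(expected, blob["tag"]):
        raise ValueError("wrong passphrase or tampered key file")
    return keystream_xor(enc_key, blob["nonce"], blob["ciphertext"])


def passphrase_opens(blob: dict, passphrase: str) -> bool:
    """True if the passphrase unwraps the blob, False otherwise (no exception)."""
    try:
        unwrap_private_key(blob, passphrase)
        return True
    except ValueError:
        return False


def demo(iterations: int = PBKDF2_ITERATIONS) -> dict:
    """Wrap the sample key and report what an attacker holding only the file can do."""
    good = "correct horse battery staple"
    blob = wrap_private_key(SAMPLE_PRIVATE_KEY, good, iterations)
    return {
        "roundtrip_ok": unwrap_private_key(blob, good) == SAMPLE_PRIVATE_KEY,
        "ciphertext_differs": blob["ciphertext"] != SAMPLE_PRIVATE_KEY,
        "wrong_passphrase_rejected": not passphrase_opens(blob, "hunter2"),
    }


if __name__ == "__main__":
    print(demo())
```

The blob is what sits on disk (or on the USB key the thread suggests); without the passphrase the only attack left is guessing it, which is exactly why the thread calls the passphrase the brittle layer and why the iteration count, not the cipher, is the knob that matters for a stolen file.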