Risk Assessment

brian moore bem at cmc.net
Thu Oct 22 22:43:20 CEST 1998


On Thu, Oct 22, 1998 at 09:06:16PM -0500, Richard Lynch wrote:
> Did everything via telnet, since my ISP is 1000 miles away.

telnet is snoopable, you should use ssh... :)

> Generated keys using insecure memory, since I can't chown the binary to root.

Probably not bad.

> Exported all the keys and then the secret keys (--export-secret-keys isn't
> listed in -h, btw).

Okay, then delete them.  You don't need them. :)

> Elected not to use a passphrase, since it would be in a web-site script,
> which is publicly visible anyway.  Yeah, I *could* create a third script in
> a secure area to call that would spit the password out to the encryptor...
> if I knew exactly how to do that...

Ah, but then you're missing out on the cool part of Public Key
encryption.  You don't NEED a key on the remote Unix box... well, you
do, but not the secret key.

Think of it as handing an unlocked padlock to someone and asking them to
lock the gate with it.  They don't need the combination to use it, they
can just clamp it on and it's done.

In the same way, with PK, you can live happily with no secret keys at
all, yet still mail encrypted data to people.  They have what it needs
to decrypt: you just need the open padlock (i.e., their public key).

> Will be encrypting the data with insecure memory from a PHP web-script.
> Or not upgrading as often as I should.

If you're running Stronghold or one of the other 'secure' variants of
Apache, your only real danger is if root is compromised on that machine,
and even then it's not going to yield more than a credit card or two
that may show up in the core dump.

This is on a 'secure' server, right?

> The ISP gave me compiler access, but I still can't chown the binary to
> root, nor seriously expect them to do so every few days...  Would there be
> a way that your average paranoid ISP would be able to let me chown a
> specific file to root?...

Nope. :)

> E-mailing the encrypted order to the client.

Good.  That is probably the weakest link in the chain, since it is a
nice repository of credit cards waiting to be collected.

> I suspect I'm still not using the whole secret/public keys properly...  I
> generated all the public and secret keyrings on the Unix box (via telnet)
> and then exported them to the Windoze box...  In retrospect, perhaps it
> would have been better to generate the client's secret keyring on the
> Windoze box and export only the public ones from each to the other.  But
> I'd be trading the telnet/RAM-sniffing risk for the crappy RNG (hey, that
> stands for Random Number Generator, doesn't it?!) on Windoze.  My hatred of
> Windoze made me assume that it was still better to do it all on Unix.

Actually, PGP under Windows should have a fine random number generator.
You just need noise from the real world like keypress timing, and other
events like moving the mouse.  There's no reason these can't be done
on Windows.

Of course, Windows sucks, but not for that reason. :)

> Oh yeah, all those +s and -s that went by during the random generation...
> Can any meaning be assigned to their occurrences?  I mean, can y'all watch
> them go by and say, "Uh oh, better do it again, not random enough."?

Nope, it's measuring the primeness of things, not the randomness.  It's
more of a progress indicator: if the output stops, /dev/random is
'empty' (it hasn't seen enough real world randomness to return anything:
so moving the mouse/causing net activity and other random sources need
to be used to give it a source of data).

> I can redo the key generation, since I'm not trying to automate that.

I'd do them as you said above: on the Windows machine (preferably on the
customer's, so you leave no traces on your own) and then export just the
public key to the remote system.

> Why do I get the feeling that there's a lot of folks out there that are
> just taking credit card orders on a "secure" server, and then transmitting
> them in clear-text via e-mail to their storefront POS credit-card
> machines?...  There *have* to be people other than me who are
> unable/unwilling to pay CyberCash rates...

There no doubt are.  Most aren't even that automated: they just email it
in clear text for a human to pick up once a day.  (The commercial
'server' license for PGP is several thousand dollars last I checked.  I
doubt most people are paying that, and thus leaving piles of credit
cards sitting in plain text in mailboxes.)

It's dangerous as can be to do that, but I have no doubt it's being done
all the time.

-- 
Brian Moore                       | "The Zen nature of a spammer resembles
      Sysadmin, C/Perl Hacker     |  a cockroach, except that the cockroach
      Usenet Vandal               |  is higher up on the evolutionary chain."
      Netscum, Bane of Elves.                 Peter Olson, Delphi Postmaster
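
The padlock arrangement described in the reply above, as an added example that is not part of the original message: the key pair is generated on the client machine, only the public key reaches the web server, and the server keyring ends up holding no secret key at all. It assumes bash and GnuPG 2.1 or later; the user ID, passphrase and directories are constructed for the example.

```shell
#!/usr/bin/env bash
# Added example; every name, address and passphrase below is constructed.
RECIPIENT="orders@shop.example"          # hypothetical client user ID
DEMO_PASS="constructed-demo-passphrase"  # demo only; type it interactively in real use

# Client machine: generate the key pair here and export ONLY the public half.
client_make_key() {        # $1 = client homedir, $2 = file to receive the public key
  gpg --homedir "$1" --batch --quiet --pinentry-mode loopback \
      --passphrase "$DEMO_PASS" --quick-generate-key "$RECIPIENT" default default never
  gpg --homedir "$1" --batch --armor --export "$RECIPIENT" > "$2"
}

# Web server: the keyring holds the public key and nothing else.
server_import_pubkey() {   # $1 = server homedir, $2 = public key file
  gpg --homedir "$1" --batch --quiet --import "$2"
}

# Number of secret keys on a keyring; the server's must stay at 0.
secret_key_count() {       # $1 = homedir
  gpg --homedir "$1" --batch --with-colons --list-secret-keys 2>/dev/null \
    | grep -c '^sec:' || true
}

# Encrypt an order read from stdin. --trust-model always is needed because the
# imported key carries no trust signatures and --batch cannot prompt about it.
encrypt_order() {          # $1 = server homedir
  gpg --homedir "$1" --batch --quiet --armor --trust-model always \
      --recipient "$RECIPIENT" --encrypt
}

# Client machine: only the holder of the secret key can read the order.
client_decrypt() {         # $1 = client homedir, ciphertext on stdin
  gpg --homedir "$1" --batch --quiet --pinentry-mode loopback \
      --passphrase "$DEMO_PASS" --decrypt
}

# Walk through both sides using two throwaway keyrings.
demo() {
  local client server d
  client=$(mktemp -d); server=$(mktemp -d)
  client_make_key "$client" "$server/client.pub"
  server_import_pubkey "$server" "$server/client.pub"
  echo "secret keys on server: $(secret_key_count "$server")"
  echo "constructed order #1" | encrypt_order "$server" | client_decrypt "$client"
  for d in "$client" "$server"; do gpgconf --homedir "$d" --kill all; done
  rm -rf "$client" "$server"
}
```

Source the file and call `demo` to run both sides; trying `gpg --decrypt` against the server keyring fails, because the secret key never left the client.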
