noecho before prompt
Bernd Jendrissek
berndj at prism.co.za
Fri Jul 8 09:53:28 CEST 2005
On Fri, Jul 08, 2005 at 09:32:02AM +0200, Werner Koch wrote:
> On Tue, 5 Jul 2005 15:02:41 -0700 (PDT), Scott Worley said:
> > "Enter passphrase:" is a contract with the user. It means, "It's
> > safe to type now."
>
> Would you mind to elaborate on the problem and the proposes solution?
Presumably the concern is that gpg may get scheduled out after showing
the prompt, but before setting noecho, and that it may remain scheduled
out for long enough for a user to type some characters, which the kernel
dutifully echoes. Evil Eve happens to walk past, and sees that Alice's
passphrase starts with "Bo", and suddenly it becomes feasible to crack
her passphrase, and John (the password-cracking program, not another
crypto actor! :) finds it in two months of CPU time instead of in 10
years.
(Never mind that John would have found "Bob" in about 400 CPU cycles.)
--
I have neither the need, the time, or the inclination to put words into your
mouth. You are perfectly capable of damaging your reputation without any help
from me. --Richard Heathfield roasts a troll in comp.lang.c
More information about the Gnupg-devel
mailing list