trusted keyring storage

Werner Koch wk@gnupg.org
Fri, 17 Sep 1999 09:32:50 +0200 

Jim B <vader@stargate.kersur.net> writes:


> Now I'm running Linux and looking for a decent mechanism to store my keys,


The only keys you have to be concerned about are the secret keys in 
~/.gnupg/secring.gpg.


> mount it only when necessary, but I'm wondering how much trust I would be

> able to put into the usual filesystem security (i.e., permissions) to


Permissions work (and GnuPG always fixes the permissions of the
secring to be 600 so that only the user can read/write them).  However
with a bad password or a system which allows for remote root access
(most systems do as there are always some bugs - the most current ones
are the ProFTP bufer overflows - really bad).  So you better don't
allow any remove services - except for ssh - on your machine.  But
everone wnats FTP and such stuff.  No real solution for a networked 
box.


> little weary of putting keyrings on any networked machine.  I guess my real

> question is, "Am I being too paranoid?"  :)


It depends on how much security you need.  Use a GOOD passphrase for
your secret keys and use tripwire to check your system for
modifications.  This makes the life of an attacker much harder and he
has to spend a long time doing a dictionary attack on your stolen
secret keyring.

Some solutions to overcome these problems are :

  1. A hardware device to handle all sensitive crypto stuff (i.e
     storing the secret key and performing all the actions where 
     a secret key is involved.  This one has to be enbaled only
     with direct physical access (a keyboard for entering the
     passphrase)

  2. Store a part of the secret key on a small device which you can
     carry around.

  3. Use symmetric crypto for important messages, find a way to
     exchange the keys on a non-electronic way and chnage them often.
     This has the advantage that a stolen key can only be used to
     decrypt the the messages encrypted with this key.  On contrast
     a stolen secret key (and cracked passphrase) enables the attacker
     to decrypt all messages you have ever encrypted using that key.

  4. To protect your investment in key signatures, don't put them onto
     your normal key but on a "high security" key which you only use
     for certifiying other keys.  I do exactly this:  I have this
     secret key not online but on a floppy stored on a more or less
     secure place.  When I am going to sign keys, I copy them onto my
     laptop, unplug the laptop from the network, hope that there is no
     trojan installed on it, import the key to sign, insert and mount
     the floppy with the secret key, do a 
       "gpg --secret-keyring /floppy/secring-gpg --edit foo",
     sign the key, umount /floppy, get the network back, transfer the
     key to the desktop box, unplug the laptop and send the signed
     keys to their holders.  Ah yes, and I signed my regular key with
     the "high security" key and hope that everyone trusts me enough
     to set the trust parameterof my regular key to full.  The last
     point will probably be fixed by automatically transferring the
     validity of a key to a key which has some special properties
     (maybe it is sufficient to use a revication key for this - I have
     to think about this) 


My 2 cents on this problem. [did you notice, that we Europeans can now
use the same phrase as the Americans (for the UK: s/cents/pence/ :-)]


   Werner


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013