understanding what gnugp can do

Jack McKinney jackmc-gnupg-users@lorentz.com
Tue, 24 Oct 2000 07:37:35 -0500 

--xHFwDpU9dbj6ez1V
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Big Brother tells me that Armin Hartinger wrote:

> >     As long as you don't let them know that the key is stored unencrypt=

ed

> > on the hard drive...

>=20

> not the key, just the passphrase. And I plan not to run any services on t=

he PC where this

> batch will be located. Maybe there's also a way to send the passphrase to=

 gpg encrypted?

    This would require that gpg have the key to decrypt the passphrase.
If someone breaks into the machine, they'll be able to use gpg to decrypt
the cards the same way you do... by sending the encrypted passphrase to
your copy of gpg which knows how to decrypt it...
    If it can be done automatically by the computer, then someone who
gains access to your site can trigger the automatic process and get the
same result.  The only way to prevent this is to require human intervention
with the passphrase stored in one's brain ONLY.
    My recommendation is that the client be instructed in PGP or GPG. Then,
you have them generate an encryption keypair and upload the public key to
the web server through an admin page.  Then, after you have verified the
fingerprint with the client, the web site starts to use the key to encrypt
the cards.
    At this point, even if the machine is PHYSICALLY STOLEN, the thief will
have ONLY the public key and the encrypted cards.  Not even the encrypted
private key resides on the server.  For that matter, not even the web admin
can decrypt the cards, since the encryption key was provided by the client
(this is an important point for satisfying VISA's new security requirements=
).
    When the client is ready to process cards, they download the encrypted
card numbers from their admin interface, and hand them to GPG (this could
probably be done with a MIME type that their browser knows to call GPG when
it sees...).

--
"Restore your inalienable human rights.       Jack McKinney
 Vote Libertarian.  http://www.lp.org         http://www.lorentz.com
 http://www.harrybrowne2000.org               jackmc@lorentz.com
                                              1024D/D68F2C07 4096g/38AEF076

--xHFwDpU9dbj6ez1V
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjn1go8ACgkQimeon9aPLAf+jACgkme3Zaq7IZJWP3UbmvRHuQTU
lIEAn1Mm/HI6D6zwJ+wXZckJ/X7vvV8y
=AZ6u
-----END PGP SIGNATURE-----

--xHFwDpU9dbj6ez1V--

-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org