gpgsafe - wrapper for gpg to protect against secret key attacks
Lionel Elie Mamane
lionel@mamane.lu
Wed Jul 4 08:36:01 2001
On Sun, Jul 01, 2001 at 06:15:01PM -0600, Kurt Fitzner wrote:
> The caveat to this, is you need to make SURE you use 'updategpgsafe' every
> time you make any change to your secret keyring AND every time you --edit the
> public keys associtated with your secret ones.
You might run it after GnuPG in the script (maybe only if the keyrings
have changed, or ask teh question (if none of the arguments is
--batch))... This is a flaw for when it is a trojaned GnuPG binary
that make the "secret key modification attack", but with a trojaned
GnuPG binary, you are screwed much beyond that anyway...
> If you do this, then (as far as I know), this will protect you
> against secret-key modification attacks.
Hmm... If one person is able to edit your keyring, why won't she be
able to trojan the GnuPG binary, the gpgsafe wrapper, or simply run
"updategpgsafe", too?
--
Lionel Elie Mamane
RFC 1991 (PGP 2.x) 2048 bits Key Fingerprint (KeyID: 20C897E9):
85CF 986F 263E 8CD0 80FD 4B8C F5F9 C17D
OpenPGP DH/DSS 4096/1024 Key Fingerprint (KeyID: 3E7B4B73):
9DAD 3131 3ADA F50B D096 002A B1C4 7317 3E7B 4B73