gpgsafe - wrapper for gpg to protect against secret key attacks

Lionel Elie Mamane lionel@mamane.lu
Wed Jul 4 08:36:01 2001


On Sun, Jul 01, 2001 at 06:15:01PM -0600, Kurt Fitzner wrote:


> The caveat to this, is you need to make SURE you use 'updategpgsafe' every
> time you make any change to your secret keyring AND every time you --edit the
> public keys associtated with your secret ones.
You might run it after GnuPG in the script (maybe only if the keyrings have changed, or ask teh question (if none of the arguments is --batch))... This is a flaw for when it is a trojaned GnuPG binary that make the "secret key modification attack", but with a trojaned GnuPG binary, you are screwed much beyond that anyway...
> If you do this, then (as far as I know), this will protect you
> against secret-key modification attacks.
Hmm... If one person is able to edit your keyring, why won't she be able to trojan the GnuPG binary, the gpgsafe wrapper, or simply run "updategpgsafe", too? -- Lionel Elie Mamane RFC 1991 (PGP 2.x) 2048 bits Key Fingerprint (KeyID: 20C897E9): 85CF 986F 263E 8CD0 80FD 4B8C F5F9 C17D OpenPGP DH/DSS 4096/1024 Key Fingerprint (KeyID: 3E7B4B73): 9DAD 3131 3ADA F50B D096 002A B1C4 7317 3E7B 4B73