security issue with signing files

Anthony E. Greene agreene@pobox.com
Sun Nov 25 00:32:01 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 24 Nov 2001, Florian Weimer wrote:
>I don't think both scenarios (local copy vs. in-memory copy) make much
>of a difference.  If an attacker is able to fiddle with my files, in
>almost all but a few constructed cases, he can also take over my
>account, grab the secret key, and eavesdrop the passphrase.

We're not talking about a deliberate attack here. This is about
inadvertently signing a document that has changed without your knowledge.
The change was made by an authorized user; you just hadn't seen the change
when you signed the document.

The document is shared but your keys may not be on a shared resource. So
your keys may not be vulnerable at all. This is a real problem that cannot
be hand-waved away. The solution is simple, but it is something that
signers should be aware of.

Tony
- -- 
Anthony E. Greene <agreene@pobox.com> <http://www.pobox.com/~agreene/>
PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
Chat: AOL/Yahoo: TonyG05
Linux. The choice of a GNU generation <http://www.linux.org/>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <agreene@pobox.com> 0x6C94239D

iD8DBQE8AC1UpCpg3WyUI50RAjppAKC0WNRBdk6Uv7K+kmyMdvMYeDWWyACeK/RI
JlOgd+ZzuRWBrt2GivnHwm0=
=/bj2
-----END PGP SIGNATURE-----
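
Added example, not part of the original message: the message does not spell out its "simple" solution, so this sketch assumes one common approach, which is to review and sign a private snapshot of the shared document and compare digests before signing. The function names, the sample file and its contents are hypothetical and constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile


def sha256_file(path):
    """Hash a file in chunks so large documents are handled."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot_for_review(shared_path):
    """Copy the shared document into a private directory before reading it."""
    private_dir = tempfile.mkdtemp(prefix="sign-review-")  # owner-only directory
    private_path = os.path.join(private_dir, os.path.basename(shared_path))
    shutil.copyfile(shared_path, private_path)
    return private_path, sha256_file(private_path)


def file_to_sign(shared_path, private_path, reviewed_digest):
    """Return (path to sign, whether the shared copy changed since review)."""
    if sha256_file(private_path) != reviewed_digest:
        raise RuntimeError("private snapshot no longer matches what was reviewed")
    shared_changed = sha256_file(shared_path) != reviewed_digest
    return private_path, shared_changed


if __name__ == "__main__":
    # Constructed sample: a "shared" file that a colleague edits after review.
    workdir = tempfile.mkdtemp()
    shared = os.path.join(workdir, "contract.txt")
    with open(shared, "w") as handle:
        handle.write("Payment due: 100 USD\n")
    private, digest = snapshot_for_review(shared)   # read and review `private`
    with open(shared, "w") as handle:               # authorized edit, unseen
        handle.write("Payment due: 900 USD\n")
    path, changed = file_to_sign(shared, private, digest)
    print("sign this file:", path)                  # e.g. gpg --clearsign <path>
    print("shared copy changed since review:", changed)
```

The signature then covers exactly the bytes that were reviewed, and the flag tells the signer that the shared copy has moved on and needs a fresh review before it is signed.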