security issue with signing files

David Shaw dshaw@jabberwocky.com
Sun Nov 25 01:12:01 2001


--JP+T4n/bALQSJXh8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Nov 24, 2001 at 08:54:57PM +0100, Florian Weimer wrote:
> David Shaw <dshaw@jabberwocky.com> writes:
>=20
> > All that said, a possible solution to your problem is to make a local
> > copy of the file to be signed in a place that only you can write to,
> > and verify that local copy is the one you want to sign before signing
> > it.  Is that perfectly secure?  No.  It just changes the threat
> > model.  Only you can decide if it changes it enough to make your
> > application safe enough.
> >
> > Another way to approach the problem is a program that reads the file
> > into memory, shows it to you for approval, then pipes it directly from
> > memory to GnuPG for signing.  This has the advantage of raising the
> > bar fairly high for an attacker - it is harder (but again, not
> > impossible) to modify the memory of a running process.
>=20
> I don't think both scenarios (local copy vs. in-memory copy) make much
> of a difference.  If an attacker is able to fiddle with my files, in
> almost all but a few constructed cases, he can also take over my
> account, grab the secret key, and eavesdrop the passphrase.

I don't think either.  However, I'm not the signer.  It is not up to
me to determine what is secure enough - I don't know which OS is being
used, the physical security situation, signing policy of the site,
etc.  Only the signer can make that call.  That is why I didn't answer
"You should do this".  I answered "Here are the issues.  Make your own
decisions."

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--JP+T4n/bALQSJXh8
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6b (GNU/Linux)

iQEVAwUBPAA2oIccwqs8s7QVAQGD4Af/X54Lfa4hfg7MDgPG/sZx3SKfNJWTJ4Ri
uNhe3SPzy0nxv3QVYf6khzwPbCtFsEzOu1mVJS8NoIjgpJD9fm6MEQAfbM0zPc7S
jtM7OQmaTxC48kwzYPLg3bzxlsifIxyCpFJ2J8hZEJkBTJhnxEOVfSARABt40cgD
FavDghsja6omC6Ns/FluTymeo0CrtMFzxvb8Sucxv5J2WJFvZwZmDYdsxH49KEC7
FaZPMeKukdRWcWW3yk1mK94OsIWthbtbUO0MgPJcej0C3J9TrbjjfzWqGPknQ0hl
FkkN+XpxVgFZgWMPZ5UN+ax3QzPhOikR3qxY4b6V7VYkxVQ9SYG55w==
=Ri5q
-----END PGP SIGNATURE-----

--JP+T4n/bALQSJXh8--