Authenticating info on a "compromizable" system

Hauke Laging mailinglisten at
Tue Nov 20 07:45:44 CET 2012

Am Mo 19.11.2012, 22:57:13 schrieb Jean-François Dagenais:

> We write information in EEPROMs which are located on 2-3 components
> (physical electronic boards) in the system. The information is of the kind:
> - product id number - board serial number - unit serial number - etc.
> I want to sign the content somehow (not encrypt it, it's not sensitive info)
> so that the running software (which could be compromized remember) can
> authenticate the information as coming from the company, it's production
> crew, or authorized resellers which may have to perform board swapping and
> such.
> Authentication ensures we can detect system tempering honour software
> options, warranty and such. Of course we want to make it hard for attackers
> to fake this, it doesn't have to be bullet-proof.
> I thought of generating a key for this purpose, call it "Production key",
> with a passphrase on it. Authorized people are given the passphrase. And
> the software has the public key obfuscated in its bowels. Rotate the
> obfuscation on each update release to mess with the attacker.
> This is too simple to be useable I imaging, hence reaching out to the
> mailing list.

I think it is as you describe: Easy but of limited protection (depending on 
the possibility to compromise your software or its keyring or the contained 
gnupg). And, of course, it does not prevent an attacker from copying a signed 
configuration from another system.

> As a side question, if the "Production key" pgp key-pair has a passphrase on
> it, can it's .gnupg dir with the trustdb.gpg be out in the wild? I ask
> because the EEPROM update tool might have be distributed with the system.

A passphrase like gslLThmk8DlrZR1Me6 offers protection similar to that of a 
2048 bit key (see --s2k-count, too). So disclosing the safely encrypted secret 
key would not be a problem. How such an observation might influence the 
opinion of your customers and partners about your work is a different 
question, of course...

trustdb.gpg just stores the ownertrust level of keys. It just tells someone 
which (but not necessarily all) keys you have in your keyring and how much you 
trust them.

PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20121120/4f51b5a5/attachment.pgp>

More information about the Gnupg-users mailing list