mailto with pgp fingerprint

Peter Lebbing peter at digitalbrains.com
Thu Jul 24 12:27:36 CEST 2014


On 24/07/14 02:14, Sam Gleske wrote:
> I'm hoping keybase.io <http://keybase.io> will hopefully resolve the 
> issue of identity checking with key fingerprints.

I've just scanned through [1]. I'm not convinced.

This quote is from the front page:

> If you trust the client (our reference client is open source), then 
> the server can't give you the wrong key for maria without getting 
> caught or also compromising her twitter and github accounts.

This one from [1]:

> For instance, when Joe wants to establish a connection to an identity
> on Twitter, he would sign a statement of the first form, and then
> post that statement both on Twitter and Keybase. Outside observers
> can then reassure themselves that the accounts Joe on Keybase and
> MrJoe on Twitter are controlled by the same person. This person is
> usually the intended keyholder, but of course could be an attacker
> who broke into both accounts.

The basic reasoning seems to be: if you want multiple websites to report
incorrect data to the user, you need to hack multiple websites.

Huh?

You only need to be able to MITM close to the victim, and manipulate all
data your victim sees. There's no need to hack any server; you only need
to hack one router and be able to fake SSL certificates. No matter how
many accounts you "link", github, twitter, facebook, security is not
increased against a MITM close to you.

If they thought of this, why is there no mention at all of a MITM'ing
attacker?

It's perfectly possible to write a program that scans all data for
OpenPGP signatures by a specific key, and replaces them on the fly by
OpenPGP signatures by another key. There's no need to MITM all SSL web
traffic: just do the keybase.io traffic, parse the response, and then
MITM the sites mentioned by keybase.io, which the keybase client will
now check.

A laptop "on the move", *not* always using the same VPN, might quickly
escape from the attacker and see the real data. However, the damage
might already be done. You might already have given your attacker that
plaintext that you were so worried about that you encrypted it.

The documentation in [1] is superficial, and my analysis is even more
superficial. This is just something that stood out to me.

HTH,

Peter.

[1] https://keybase.io/docs/server_security

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list