How to prevent passphrase caching in 2.1

Carola Grunwald caro at nymph.paranoici.org
Wed Nov 23 03:28:36 CET 2016


Peter Lebbing <peter at digitalbrains.com> wrote:

>On 22/11/16 17:20, Carola Grunwald wrote:
>> They don't have any system account at all. These are users of a
>> messaging system, only allowed to access its POP3, SMTP and NNTP
>> service.
>
>Perhaps 1.4 is the best release for you... you'll miss out on Elliptic
>Curve, but other than that, it's still a supported release.

Sure, I like v1.4's small footprint and its reliability. But as the
--faked-system-time option, important in my application for privacy
reasons, wasn't backported to v1.4, I had to migrate to v2.1. I'm still
not very confident in EC cryptography's strength nor am I interested in
dealing with just another background service, which freezes every now
and then and actively has to be stopped with my application to keep it
portable.

>
>> They don't have direct access to any key. Nevertheless by using someone
>> else's cached passphrase with 2.1 and its all-embracing keyring they may
>> succeed in decoding data not meant for them.
>
>Perhaps you should implement access control in your frontend, instead of
>asking the agent to perform access control, for which it was not
>intended, AFAIK.

There's server access control through a username/password combination;
access to the corresponding PGP key is given by a usually unique
base64-encoded 256-bit random number dedicated to the account.

But if for decryption a cloud of unpredictable valid passphrases is used
...

> It sounds like you just want the ability to work with
>OpenPGP material, rather than the user-centric model the agent seems to
>correspond to. When GnuPG gives you a square peg, you'll have to build
>your own adapter before it fits in a round hole ;).

Well, I didn't know that GnuPG follows a single-user strategy. Now I do.

>
>By the way, I'm not recommending anything (this in response to your "do
>you seriously recommend..."). I know nothing about your application or
>what you demand of it. I'm merely trying to give you directions to look
>in, while you search for the correct architecture of your application.

I'm truly sorry, no harm intended.

Kind regards

Caro


