
Re: PGP scripting...

From: Andre Mariën <andre.marien(at)ubizen.com>
Date: Fri Jan 24 2003 - 04:54:40 EST

Thanks for going back to the root.
It is always good to look at the objective.

problem statement:
data kept locally (like logs, order data) must be protected against the local system users (programs, real users, real hackers)

first proposal: use symmetric encryption
problem: encrypting key is present somehow on the system, so in theory local users may be able to get at the data.
(risk assessment: how hard, how likely?)

improvement: use asymmetric encryption
only one of the two keys is known/accessible locally
assumption: local encryption possible, local decryption requires breaking the asymmetric encryption [FWIIW: I like this idea]

Question: two stage or single stage?
two stage: symmetric encryption with a key encrypted asymmetric
one stage: asymmetric only

Question: is one stage asymmetric OK?
I think this is the point where we are at, correct?

My answer: be careful, it may not be OK. Attack: repeat the encryption for possible plain texts. If that space is smaller than the key space, you have a better attack.


example - unclear: db with credit card numbers
Find 'a' credit card number: requires enumeration over number of credit cards. Which search space is larger?

example - clear: did you buy at company xxx? Search space is the amount of entries: small.

example (logs): did the IDS pick up my attack? I know fairly accurately what the data would be, so I just look in the database (or traffic) to find this evidence.

I hope this makes it clear.
With asymmetric encryption you have one attack you do not have with symmetric. You have access to one of the keys (the public). So you can enumerate plaintexts and produce encrypted texts to match the target encrypted text. [note, the dual case is obvious: if it were encrypted with the private, you just use the public]
In the two stage approach, the thing you encrypt is a total random key making this attack worthless.

Jason Coombs wrote:

> Andre Mariën wrote:
> 

>>We are talking about confidentiality I thought.
> 
> 
> I thought we were talking about the value of asymmetric encryption in a
> scenario where a sending box (the encryptor) needs to effectively get rid of
> the data ASAP but do so in a way that is recoverable on another box (the
> decryptor) which is purposefully not accessible from the encryptor via the
> network.
> 
> Asymmetric encryption is also valuable for bulk encryption in a scenario
> where a software vendor or other already-public entity needs to communicate
> authentic data ("here is the latest build of our software") but doesn't want
> to deal with the problems of PKI (certificates, certificate chains, digital
> signatures, etc.) and wants some digital communications authentication but
> doesn't want to try to publish a list of authentic hashes (which, absent a
> digital signature and PKI, a third-party can simply tamper with upstream
> from an end-user) or distribute executable bytes that most people will
> simply execute without further verification anyway -- by encrypting the
> software build with the vendor's private key, any third party who wishes to
> execute the software must first obtain the vendor's public key and decrypt
> the software. Either the software decrypts with the vendor's public key
> (giving a sort of lightweight digital signature) or it doesn't and if it
> doesn't then there is no way to execute the bytes and the whole computer
> world is a lot safer as a result.
> 
> This thread was started on 1/7/2003 when Andrew MacKenzie wrote:
> 
> 

>>We (my client) have a system that loads orders into an Oracle DB, and
> 
> the
> 

>>like) shall be PGP encrypted, and *never* be stored on a HDD in
> 
> 

>>I can understand the desire to archive these files in encrypted forms, and
> 
> 

>>My question therefore is: is all this worth the trouble?
> 
> 
> -----Original Message-----
> From: Andre Mariën [mailto:andre.marien@ubizen.com]
> Sent: Thursday, January 23, 2003 9:05 PM
> To: jasonc@science.org
> Cc: Glynn Clements; Beatie, Breck (ISSMountain View);
> secprog@securityfocus.com
> Subject: Re: PGP scripting...
>
>
> It may be just me, but I am getting confused.
> If we keep both private and public key secret,
> why not use plain old symmetric cryptography?
> We are talking about confidentiality I thought.
> If we take it to non-repudiation there still are some merits.
>
> One of the things about public/private keys is,
> well, the public key can be public.
>
> -- André
>
>
> Jason Coombs wrote:
>

>>Interesting discussion -- just a point of clarity:
> 
> key.
> 

>>Without the public key, you're still stuck brute-forcing the key length
> 
> on
> 

>>scanning a single byte until it comes up "n" or "f" and then attempt to
> 
> plaintext
> 

>>in the event that the secret session key is captured along with the
> 
> than
> 

>>it is to capture [the symmetric secret key AND the IV and the
> 
> ciphertext] --
> 

>>for the simple reason that at the point of encryption the software that
> 
> private
> 

>>key necessary for decryption.
> 
> 
> --
> André Mariën
> 
> Ubizen  http://www.ubizen.com
> Phone   +32 16 28 70 00
> Fax     +32 16 28 71 00
> 
-- 
André Mariën

Ubizen  http://www.ubizen.com
Phone   +32 16 28 70 00
Fax     +32 16 28 71 00
Received on Fri Jan 24 14:16:48 2003
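
The one-stage versus two-stage comparison from the message above, as an added example that is not part of the original post. It assumes the one-stage scheme is unpadded ("textbook") RSA under a constructed toy key, and uses a SHA-256 counter-mode keystream as a stand-in for the symmetric cipher; every name and sample record here is hypothetical.

```python
import hashlib
import secrets

# Constructed toy RSA key from two Mersenne primes; illustration only, not a usable key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                              # public: (N, E) is all the logging box holds
D = pow(E, -1, (P - 1) * (Q - 1))      # private: lives only on the decrypting box

def rsa_encrypt(m: bytes) -> int:
    """One stage, unpadded RSA: the same plaintext always gives the same ciphertext."""
    i = int.from_bytes(m, "big")
    if i >= N:
        raise ValueError("message too long for this toy key")
    return pow(i, E, N)

def rsa_decrypt(c: int, length: int) -> bytes:
    return pow(c, D, N).to_bytes(length, "big")

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode stream, standing in for a real symmetric cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def two_stage_encrypt(m: bytes):
    """Two stage: a fresh random session key is the only thing RSA ever sees."""
    session_key = secrets.token_bytes(32)
    return rsa_encrypt(session_key), keystream_xor(session_key, m)

def two_stage_decrypt(wrapped: int, body: bytes) -> bytes:
    return keystream_xor(rsa_decrypt(wrapped, 32), body)

def confirmed_by_reencryption(target, guesses, encrypt):
    """Guesses a holder of the public key alone can confirm against the stored ciphertext."""
    return [g for g in guesses if encrypt(g) == target]

# Constructed records: the "did you buy at company xxx?" case, a two-entry plaintext space.
GUESSES = [b"customer 1001 bought at company xxx",
           b"customer 1001 did not buy at company xxx"]

def demo():
    stored_one = rsa_encrypt(GUESSES[0])
    stored_two = two_stage_encrypt(GUESSES[0])
    return (confirmed_by_reencryption(stored_one, GUESSES, rsa_encrypt),
            confirmed_by_reencryption(stored_two, GUESSES, two_stage_encrypt),
            two_stage_decrypt(*stored_two))

if __name__ == "__main__":
    print(demo())
```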

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:45 EDT

