public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
From: Rich Freeman <rich0@gentoo.org>
To: gentoo-dev <gentoo-dev@lists.gentoo.org>
Subject: Re: [gentoo-dev] [RFC] New project: Crypto
Date: Tue, 29 Dec 2015 09:27:59 -0500	[thread overview]
Message-ID: <CAGfcS_ka7NTSSDDmJbvgqvwdMspX5T1TXa=Rt3NCCT_BzExxaw@mail.gmail.com> (raw)
In-Reply-To: <5682918A.5070003@gentoo.org>

On Tue, Dec 29, 2015 at 8:58 AM, Kristian Fiskerstrand <k_f@gentoo.org> wrote:
>
> On 12/28/2015 07:35 PM, Rich Freeman wrote:
>> On Mon, Dec 28, 2015 at 10:07 AM, Kristian Fiskerstrand
>> <k_f@gentoo.org> wrote:
>>>> On 28 Dec 2015, at 15:58, James Le Cuirot <chewi@gentoo.org>
>>>> wrote:
>>>>
>
>
>> That concern is hardly unique to phones.  PCs suffer just as much
>> from this problem.  The solution could potentially be the same.
>> For
>
> But here we already have smartcards (that everyone should and _is_
> using... right?)

I imagine that smartcards have about as much support on mobile as they
do on PCs, which is to say not much.

Sure, you can make it work, but software support for signing stuff is
limited in general, let alone support for doing it with smartcards.

>
>> signing it is a straightforward problem since there is nothing to
>> be kept secret except the key material itself (just send the
>> message to the signing device, and return the signature back).  For
>> encryption
>
> for clarity (and what I think you already mean), the message in this
> case is the message to be signed (which is likely a blinded hash or
> something, so much shorter than the original data)

If you don't display the plaintext on the device doing the signing,
then you're vulnerable to a MITM unless you trust your PC, but if you
trusted your PC you wouldn't need the signing device.

The only thing a smartcard does is protects the private key itself.
It doesn't protect you from manipulation of the data to be signed, or
theft of plaintext, etc.

>
> Indeed, but at least the device won't be able to decrypt further
> communication as it'd only have access to the session key of the
> particular message. Loosing control of the private (sub)key is
> substantially worse, so that might actually be ok for the security
> parameters of the users.

I agree, there are degrees of failure.

>
> This already happen in several countries, including Germany and on a
> semi-related variant Norway (its government approved to sign
> electronically using BankID, where the banks does the verification).
> In germany there is even a CA that checks the government ID and
> certify OpenPGP keys based on it.
>

That is at least a step up.  Should we require or at least recommend
government-signed keys for Gentoo in the few jurisdictions that
provide them?  I guess the main concern would be if we wanted to allow
anonymity.

So many problems would be solved if a signature using a secure device
was required for every financial transaction.  Just stick the PIN pad
on the signing device with a small display.  The device is given a
message to sign including the date, amount to be authorized, and who
is getting paid.  The device displays this info on its screen and
prompts for a PIN.  For the problem of payment authorization that
would eliminate almost all forms of fraud that don't involve holding
somebody at gunpoint (and you could have a duress PIN and an encrypted
field in the authorization large enough to hold either a padded all
clear or an under-duress message with the timestamp and GPS
coordinates that only the bank could read).

In the US everybody seems to be afraid of big brother but big brother
has enough big data that he doesn't really need you to use his fancy
signing device anyway.

-- 
Rich


  reply	other threads:[~2015-12-29 14:28 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-25 17:12 [gentoo-dev] [RFC] New project: Crypto Kristian Fiskerstrand
2015-11-25 19:20 ` Daniel Campbell
2015-11-25 20:21   ` Kristian Fiskerstrand
2015-12-27 22:49     ` Andrew Savchenko
2015-12-28 13:11       ` Kristian Fiskerstrand
2015-12-28 14:42         ` Rich Freeman
2015-12-28 14:58           ` James Le Cuirot
2015-12-28 15:07             ` Kristian Fiskerstrand
2015-12-28 15:15               ` Kristian Fiskerstrand
2015-12-28 18:35               ` Rich Freeman
2015-12-29 13:58                 ` Kristian Fiskerstrand
2015-12-29 14:27                   ` Rich Freeman [this message]
2015-12-29 16:59                     ` [gentoo-dev] " Duncan
2015-12-29 15:02               ` [gentoo-dev] " Yury German
2015-12-28 16:35           ` Andrew Savchenko

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAGfcS_ka7NTSSDDmJbvgqvwdMspX5T1TXa=Rt3NCCT_BzExxaw@mail.gmail.com' \
    --to=rich0@gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox