public inbox for gentoo-dev@lists.gentoo.org
* [gentoo-dev] [RFC] New project: Crypto
From: Kristian Fiskerstrand @ 2015-11-25 17:12 UTC
  To: gentoo-dev; +Cc: crypto

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

As recently discussed herds are migrating to projects, and in that
connection we've now set up a project[0] for what was previously the
Crypto herd.

Please consider this an official announcement and request for comment
related to establishing a new project.

References:
[0] https://wiki.gentoo.org/wiki/Project:Crypto

- -- 
Kristian Fiskerstrand
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----


* Re: [gentoo-dev] [RFC] New project: Crypto
From: Daniel Campbell @ 2015-11-25 19:20 UTC
  To: gentoo-dev

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 11/25/2015 09:12 AM, Kristian Fiskerstrand wrote:
> Hi,
> 
> As recently discussed herds are migrating to projects, and in that 
> connection we've now set up a project[0] for what was previously
> the Crypto herd.
> 
> Please consider this an official announcement and request for
> comment related to establishing a new project.
> 
> References: [0] https://wiki.gentoo.org/wiki/Project:Crypto
> 
> 
Sounds good to me. I have a passing interest in crypto, so where do I
sign? :)


- -- 
Daniel Campbell - Gentoo Developer
OpenPGP Key: 0x1EA055D6 @ hkp://keys.gnupg.net
fpr: AE03 9064 AE00 053C 270C  1DE4 6F7A 9091 1EA0 55D6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----


* Re: [gentoo-dev] [RFC] New project: Crypto
From: Kristian Fiskerstrand @ 2015-11-25 20:21 UTC
  To: gentoo-dev

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 11/25/2015 08:20 PM, Daniel Campbell wrote:
> On 11/25/2015 09:12 AM, Kristian Fiskerstrand wrote:
>> Hi,
> 
>> As recently discussed herds are migrating to projects, and in
>> that connection we've now set up a project[0] for what was
>> previously the Crypto herd.
> 
>> Please consider this an official announcement and request for 
>> comment related to establishing a new project.
> 
>> References: [0] https://wiki.gentoo.org/wiki/Project:Crypto
> 
> 
> Sounds good to me. I have a passing interest in crypto, so where do
> I sign? :)

I'm trying to reclaim the #gentoo-crypto channel for now, would be
nice to have a place for coordination corresponding to the project

- -- 
Kristian Fiskerstrand
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----


* Re: [gentoo-dev] [RFC] New project: Crypto
From: Andrew Savchenko @ 2015-12-27 22:49 UTC
  To: gentoo-dev; +Cc: Kristian Fiskerstrand

[-- Attachment #1: Type: text/plain, Size: 860 bytes --]

Hi!

On Wed, 25 Nov 2015 21:21:37 +0100 Kristian Fiskerstrand wrote:
> On 11/25/2015 08:20 PM, Daniel Campbell wrote:
> > On 11/25/2015 09:12 AM, Kristian Fiskerstrand wrote:
[...]
> >> As recently discussed herds are migrating to projects, and in
> >> that connection we've now set up a project[0] for what was
> >> previously the Crypto herd.
> > 
> >> Please consider this an official announcement and request for 
> >> comment related to establishing a new project.
> > 
> >> References: [0] https://wiki.gentoo.org/wiki/Project:Crypto
> > 
> > 
> > Sounds good to me. I have a passing interest in crypto, so where do
> > I sign? :)

+1

> I'm trying to reclaim the #gentoo-crypto channel for now, would be
> nice to have a place for coordination corresponding to the project

Any progress here?

Best regards,
Andrew Savchenko

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

* Re: [gentoo-dev] [RFC] New project: Crypto
From: Kristian Fiskerstrand @ 2015-12-28 13:11 UTC
  To: Andrew Savchenko; +Cc: gentoo-dev@lists.gentoo.org



[Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-expected send a response and request a signed confirmation]

> On 27 Dec 2015, at 23:49, Andrew Savchenko <bircoph@gentoo.org> wrote:
> 
> Hi!
> 
>> On Wed, 25 Nov 2015 21:21:37 +0100 Kristian Fiskerstrand wrote:
>>> 
...
> 
>> I'm trying to reclaim the #gentoo-crypto channel for now, would be
>> nice to have a place for coordination corresponding to the project
> 
> Any progress here?
> 

Yeah, we have control :)

K_F

* Re: [gentoo-dev] [RFC] New project: Crypto
From: Rich Freeman @ 2015-12-28 14:42 UTC
  To: gentoo-dev; +Cc: Andrew Savchenko

On Mon, Dec 28, 2015 at 8:11 AM, Kristian Fiskerstrand <k_f@gentoo.org> wrote:
>
>
> [Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device,
> meaning this message is sent without an OpenPGP signature. In general you should *not* rely on
> any information sent over such an unsecure channel, if you find any information controversial or
> un-expected send a response and request a signed confirmation]

And this would be why I don't bother to sign my emails any longer.
The FOSS world is still stuck in the days when people ran X11-based
MUAs and stored their mail in conventional folders.  I've yet to see a
decent browser-based MUA or Android client which does signing.
Squirrelmail does, but it is really lacking compared to something like
Gmail.

-- 
Rich


* Re: [gentoo-dev] [RFC] New project: Crypto
From: James Le Cuirot @ 2015-12-28 14:58 UTC
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 1093 bytes --]

On Mon, 28 Dec 2015 09:42:40 -0500
Rich Freeman <rich0@gentoo.org> wrote:

> On Mon, Dec 28, 2015 at 8:11 AM, Kristian Fiskerstrand
> <k_f@gentoo.org> wrote:
> >
> >
> > [Sent from my iPad, as it is not a secured device there are no
> > cryptographic keys on this device, meaning this message is sent
> > without an OpenPGP signature. In general you should *not* rely on
> > any information sent over such an unsecure channel, if you find any
> > information controversial or un-expected send a response and
> > request a signed confirmation]  
> 
> And this would be why I don't bother to sign my emails any longer.
> The FOSS world is still stuck in the days when people ran X11-based
> MUAs and stored their mail in conventional folders.  I've yet to see a
> decent browser-based MUA or Android client which does signing.
> Squirrelmail does, but it is really lacking compared to something like
> Gmail.
> 

I haven't tried the feature myself but K9 Mail, which is highly
regarded, does it via APG on Android.

-- 
James Le Cuirot (chewi)
Gentoo Linux Developer

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 951 bytes --]

* Re: [gentoo-dev] [RFC] New project: Crypto
From: Kristian Fiskerstrand @ 2015-12-28 15:07 UTC
  To: gentoo-dev@lists.gentoo.org



[Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-expected send a response and request a signed confirmation]

> On 28 Dec 2015, at 15:58, James Le Cuirot <chewi@gentoo.org> wrote:
> 
> On Mon, 28 Dec 2015 09:42:40 -0500
> Rich Freeman <rich0@gentoo.org> wrote:
>> 

..

>> And this would be why I don't bother to sign my emails any longer.
>> The FOSS world is still stuck in the days when people ran X11-based
>> MUAs and stored their mail in conventional folders.  I've yet to see a
>> decent browser-based MUA or Android client which does signing.
>> Squirrelmail does, but it is really lacking compared to something like
>> Gmail.
> 
> I haven't tried the feature myself but K9 Mail, which is highly
> regarded, does it via APG on Android.


IIRC K9 doesn't support PGP/MIME (RFC 3156), but some interesting things are happening with OpenKeychain (https://www.openkeychain.org/k-9/) in that regard. We actually discussed it a bit during the last OpenPGP summit in Zurich.

The main issue is key storage, though. For signatures you can use a dedicated signing subkey; however, you run into problems with encrypted emails, as mobile devices are not really secure devices and should never have cryptographic material. What could work in this case is an NFC (or for that matter Bluetooth, although it needs to be properly paired etc.) channel with a separate device with a separate keychain and display so you can verify the request, and never actually expose private key material to the cellphone.

In the meantime I just include the notice whenever I don't sign; at least some people notice it and give it another thought.

* Re: [gentoo-dev] [RFC] New project: Crypto
From: Kristian Fiskerstrand @ 2015-12-28 15:15 UTC
  To: gentoo-dev@lists.gentoo.org



[Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-expected send a response and request a signed confirmation]

> On 28 Dec 2015, at 16:07, Kristian Fiskerstrand <k_f@gentoo.org> wrote:
> 
> 

> The main issue is key storage, though. For signatures you can use a dedicated signing subkey; however, you run into problems with encrypted emails, as mobile devices are not really secure devices and should never have cryptographic material. What could work in this case is an NFC (or for that matter Bluetooth, although it needs to be properly paired etc.) channel with a separate device with a separate keychain and display so you can verify the request, and never

This should read pinentry; the existence of a keyring is implicit to the use case.

> actually expose private key material to the cellphone.
> 
> In the meantime I just include the notice whenever I don't sign; at least some people notice it and give it another thought.


* Re: [gentoo-dev] [RFC] New project: Crypto
From: Andrew Savchenko @ 2015-12-28 16:35 UTC
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 1300 bytes --]

On Mon, 28 Dec 2015 09:42:40 -0500 Rich Freeman wrote:
> On Mon, Dec 28, 2015 at 8:11 AM, Kristian Fiskerstrand <k_f@gentoo.org> wrote:
> >
> >
> > [Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device,
> > meaning this message is sent without an OpenPGP signature. In general you should *not* rely on
> > any information sent over such an unsecure channel, if you find any information controversial or
> > un-expected send a response and request a signed confirmation]
> 
> And this would be why I don't bother to sign my emails any longer.
> The FOSS world is still stuck in the days when people ran X11-based
> MUAs and stored their mail in conventional folders.  I've yet to see a
> decent browser-based MUA or Android client which does signing.
> Squirrelmail does, but it is really lacking compared to something like
> Gmail.

YMMV, but I'm perfectly fine with Claws mail on my phone.

Another problem is that this device lacks reliable RNG and faces
threats of baseband processor data interception (as well as all
other phones I'm aware of). So phones/tablets are not suitable
for cryptography anyway.

P.S. We had a good discussion of this on core, but still have no
summary on dev ML.

Best regards,
Andrew Savchenko

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

* Re: [gentoo-dev] [RFC] New project: Crypto
From: Rich Freeman @ 2015-12-28 18:35 UTC
  To: gentoo-dev

On Mon, Dec 28, 2015 at 10:07 AM, Kristian Fiskerstrand <k_f@gentoo.org> wrote:
>> On 28 Dec 2015, at 15:58, James Le Cuirot <chewi@gentoo.org> wrote:
>>
>> On Mon, 28 Dec 2015 09:42:40 -0500
>> Rich Freeman <rich0@gentoo.org> wrote:
>
>>> And this would be why I don't bother to sign my emails any longer.
>>> The FOSS world is still stuck in the days when people ran X11-based
>>> MUAs and stored their mail in conventional folders.  I've yet to see a
>>> decent browser-based MUA or Android client which does signing.
>>> Squirrelmail does, but it is really lacking compared to something like
>>> Gmail.
>>
>> I haven't tried the feature myself but K9 Mail, which is highly
>> regarded, does it via APG on Android.
>
> IIRC K9 doesn't support PGP/MIME (RFC 3156), but some interesting things are happening with OpenKeychain
> (https://www.openkeychain.org/k-9/) in that regard. We actually discussed it a bit during the last OpenPGP summit in Zurich.
>

K9 also doesn't support email tagging as far as I'm aware, and I don't
believe there is a browser version of it either (I do require an MUA
accessible by a browser, as this is how I compose 99% of my emails - I
read this email on androids, and am replying from a browser right
now).  To some extent they can be forgiven for not supporting tagging,
as I don't believe IMAP supports it either, so we need standards as
well as FOSS clients to make it work.

But, it isn't like I'm paying anybody to solve the problem, so we all
make do, either living without features or without signatures as the
case may be.

> The main issue is key storage, though. For signatures you can use a dedicated
> signing subkey; however, you run into problems with encrypted emails, as mobile devices
> are not really secure devices and should never have cryptographic material. What could
> work in this case is an NFC (or for that matter Bluetooth, although it needs to be properly
> paired etc.) channel with a separate device with a separate keychain and display so
> you can verify the request, and never actually expose private key material to the cellphone.

That concern is hardly unique to phones.  PCs suffer just as much from
this problem.  The solution could potentially be the same.  For
signing it is a straightforward problem since there is nothing to be
kept secret except the key material itself (just send the message to
the signing device, and return the signature back).  For encryption
you have additional challenges if you want to be able to make any use
of the plaintext without it getting stolen - once decrypted it is only
as secure as any device that comes in contact with it.  And there is no
reason that mobile and browser frameworks couldn't talk to such
devices with the right standards.

If it were up to me the government would hand out signing devices just
as they hand out passports.  It seems kind of silly in this day and
age that we haven't solved the key-management problem and half of our
commerce involves giving 16-digit numbers to everybody we do business
with and asking them to keep them secret for us.

-- 
Rich


* Re: [gentoo-dev] [RFC] New project: Crypto
From: Kristian Fiskerstrand @ 2015-12-29 13:58 UTC
  To: gentoo-dev

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 12/28/2015 07:35 PM, Rich Freeman wrote:
> On Mon, Dec 28, 2015 at 10:07 AM, Kristian Fiskerstrand
> <k_f@gentoo.org> wrote:
>>> On 28 Dec 2015, at 15:58, James Le Cuirot <chewi@gentoo.org>
>>> wrote:
>>> 


> That concern is hardly unique to phones.  PCs suffer just as much
> from this problem.  The solution could potentially be the same.
> For

But here we already have smartcards (that everyone should and _is_
using... right?)

> signing it is a straightforward problem since there is nothing to
> be kept secret except the key material itself (just send the
> message to the signing device, and return the signature back).  For
> encryption

for clarity (and what I think you already mean), the message in this
case is the message to be signed (which is likely a blinded hash or
something, so much shorter than the original data)

> you have additional challenges if you want to be able to make any
> use of the plaintext without it getting stolen - once decrypted it
> is only as secure as any device that comes in contact with it.  And
> there is no

Indeed, but at least the device won't be able to decrypt further
communication as it'd only have access to the session key of the
particular message. Losing control of the private (sub)key is
substantially worse, so that might actually be ok for the security
parameters of the users.

> reason that mobile and browser frameworks couldn't talk to such 
> devices with the right standards.
> 
> If it were up to me the government would hand out signing devices
> just as they hand out passports.

This already happens in several countries, including Germany and on a
semi-related variant Norway (it's government approved to sign
electronically using BankID, where the banks do the verification).
In Germany there is even a CA that checks the government ID and
certifies OpenPGP keys based on it.

- -- 
Kristian Fiskerstrand
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----


* Re: [gentoo-dev] [RFC] New project: Crypto
From: Rich Freeman @ 2015-12-29 14:27 UTC
  To: gentoo-dev

On Tue, Dec 29, 2015 at 8:58 AM, Kristian Fiskerstrand <k_f@gentoo.org> wrote:
>
> On 12/28/2015 07:35 PM, Rich Freeman wrote:
>> On Mon, Dec 28, 2015 at 10:07 AM, Kristian Fiskerstrand
>> <k_f@gentoo.org> wrote:
>>>> On 28 Dec 2015, at 15:58, James Le Cuirot <chewi@gentoo.org>
>>>> wrote:
>>>>
>
>
>> That concern is hardly unique to phones.  PCs suffer just as much
>> from this problem.  The solution could potentially be the same.
>> For
>
> But here we already have smartcards (that everyone should and _is_
> using... right?)

I imagine that smartcards have about as much support on mobile as they
do on PCs, which is to say not much.

Sure, you can make it work, but software support for signing stuff is
limited in general, let alone support for doing it with smartcards.

>
>> signing it is a straightforward problem since there is nothing to
>> be kept secret except the key material itself (just send the
>> message to the signing device, and return the signature back).  For
>> encryption
>
> for clarity (and what I think you already mean), the message in this
> case is the message to be signed (which is likely a blinded hash or
> something, so much shorter than the original data)

If you don't display the plaintext on the device doing the signing,
then you're vulnerable to a MITM unless you trust your PC, but if you
trusted your PC you wouldn't need the signing device.

The only thing a smartcard does is protect the private key itself.
It doesn't protect you from manipulation of the data to be signed, or
theft of plaintext, etc.

>
> Indeed, but at least the device won't be able to decrypt further
> communication as it'd only have access to the session key of the
> particular message. Losing control of the private (sub)key is
> substantially worse, so that might actually be ok for the security
> parameters of the users.

I agree, there are degrees of failure.

>
> This already happens in several countries, including Germany and on a
> semi-related variant Norway (it's government approved to sign
> electronically using BankID, where the banks do the verification).
> In Germany there is even a CA that checks the government ID and
> certifies OpenPGP keys based on it.
>

That is at least a step up.  Should we require or at least recommend
government-signed keys for Gentoo in the few jurisdictions that
provide them?  I guess the main concern would be if we wanted to allow
anonymity.

So many problems would be solved if a signature using a secure device
was required for every financial transaction.  Just stick the PIN pad
on the signing device with a small display.  The device is given a
message to sign including the date, amount to be authorized, and who
is getting paid.  The device displays this info on its screen and
prompts for a PIN.  For the problem of payment authorization that
would eliminate almost all forms of fraud that don't involve holding
somebody at gunpoint (and you could have a duress PIN and an encrypted
field in the authorization large enough to hold either a padded all
clear or an under-duress message with the timestamp and GPS
coordinates that only the bank could read).

In the US everybody seems to be afraid of big brother but big brother
has enough big data that he doesn't really need you to use his fancy
signing device anyway.

-- 
Rich
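
The distinction drawn in the message above, between a smartcard that only protects the key and a signing device with its own display and PIN pad, can be shown in a short simulation. This is an added example, not code from the thread: HMAC-SHA256 stands in for the token's private-key signature, and the order format, key, PIN and payee names are constructed.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 stands in for the token's private-key
# signature so the example runs with the standard library only.
TOKEN_KEY = b"constructed-demo-key"

# Constructed sample order: what the user actually intends to authorize.
INTENDED = {"date": "2015-12-29", "amount": "10.00 EUR", "payee": "Example Bookshop"}


def encode(order):
    """Canonical byte encoding of a payment order (assumed format)."""
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode()


def _sign_digest(digest):
    return hmac.new(TOKEN_KEY, digest, hashlib.sha256).hexdigest()


def bank_accepts(order_bytes, signature):
    """Verifier side: recompute the tag over the order that was submitted."""
    expected = _sign_digest(hashlib.sha256(order_bytes).digest())
    return signature is not None and hmac.compare_digest(expected, signature)


class BlindToken:
    """Smartcard-style token: protects the key, signs any digest it is handed."""

    def sign(self, digest):
        return _sign_digest(digest)


class DisplayToken:
    """Token with its own display and PIN pad: it receives the whole order,
    shows it, and signs only after the PIN and the user's confirmation."""

    def __init__(self, pin, user_confirms):
        self._pin = pin
        self._user_confirms = user_confirms  # callback: displayed text -> bool

    def sign(self, order_bytes, pin):
        order = json.loads(order_bytes)
        shown = "{date}: pay {amount} to {payee}".format(**order)
        if not hmac.compare_digest(pin, self._pin):
            return None
        if not self._user_confirms(shown):
            return None
        return _sign_digest(hashlib.sha256(order_bytes).digest())


def host_prepare(order, tampered):
    """The PC or phone. A tampered host rewrites the payee before signing."""
    if tampered:
        order = dict(order, payee="Mallory")
    return encode(order)


def pay_with_blind_token(tampered):
    order_bytes = host_prepare(INTENDED, tampered)
    sig = BlindToken().sign(hashlib.sha256(order_bytes).digest())
    return order_bytes, sig


def pay_with_display_token(tampered, pin="4711"):
    # The user confirms only if the token's display matches the intent.
    expected_text = "{date}: pay {amount} to {payee}".format(**INTENDED)
    token = DisplayToken("4711", lambda shown: shown == expected_text)
    order_bytes = host_prepare(INTENDED, tampered)
    return order_bytes, token.sign(order_bytes, pin)


if __name__ == "__main__":
    for tampered in (False, True):
        ob, sig = pay_with_blind_token(tampered)
        print("blind  ", tampered, json.loads(ob)["payee"], bank_accepts(ob, sig))
        ob, sig = pay_with_display_token(tampered)
        print("display", tampered, json.loads(ob)["payee"], bank_accepts(ob, sig))
```

With the blind token the verifier accepts the rewritten order, because the key was never exposed yet the signed content was not what the user saw; with the display token the mismatch is caught before anything is signed.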


* Re: [gentoo-dev] [RFC] New project: Crypto
From: Yury German @ 2015-12-29 15:02 UTC
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 2229 bytes --]

I have talked to the YubiKey people at a few shows (BlackHat), and they
told me that they are looking at a Bluetooth key store, to work with iPad
and Android.

That would be great, but the problem is programs that can use that.


On 12/28/15 10:07 AM, Kristian Fiskerstrand wrote:
> 
> 
> [Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-expected send a response and request a signed confirmation]
> 
>> On 28 Dec 2015, at 15:58, James Le Cuirot <chewi@gentoo.org> wrote:
>>
>> On Mon, 28 Dec 2015 09:42:40 -0500
>> Rich Freeman <rich0@gentoo.org> wrote:
>>>
> 
> ..
> 
>>> And this would be why I don't bother to sign my emails any longer.
>>> The FOSS world is still stuck in the days when people ran X11-based
>>> MUAs and stored their mail in conventional folders.  I've yet to see a
>>> decent browser-based MUA or Android client which does signing.
>>> Squirrelmail does, but it is really lacking compared to something like
>>> Gmail.
>>
>> I haven't tried the feature myself but K9 Mail, which is highly
>> regarded, does it via APG on Android.
> 
> 
> IIRC K9 doesn't support PGP/MIME (RFC 3156), but some interesting things are happening with OpenKeychain (https://www.openkeychain.org/k-9/) in that regard. We actually discussed it a bit during the last OpenPGP summit in Zurich.
> 
> The main issue is key storage, though. For signatures you can use a dedicated signing subkey; however, you run into problems with encrypted emails, as mobile devices are not really secure devices and should never have cryptographic material. What could work in this case is an NFC (or for that matter Bluetooth, although it needs to be properly paired etc.) channel with a separate device with a separate keychain and display so you can verify the request, and never actually expose private key material to the cellphone.
> 
> In the meantime I just include the notice whenever I don't sign; at least some people notice it and give it another thought.
> 

-- 


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 496 bytes --]

* [gentoo-dev] Re: [RFC] New project: Crypto
From: Duncan @ 2015-12-29 16:59 UTC

Rich Freeman posted on Tue, 29 Dec 2015 09:27:59 -0500 as excerpted:

> In the US everybody seems to be afraid of big brother but big brother
> has enough big data that he doesn't really need you to use his fancy
> signing device anyway.

It isn't just big brother, tho that's bad enough.  Such a government
mandated device for signing all financial transactions is a political
no-go here in the US due to "mark of the beast" concerns.  After all, the
prophecy did say people couldn't buy or sell without it, and even a lot
of people who are no longer generally religious are still wary of that.

That's one of the reasons the post-9/11 federally mandated ID reforms had 
so much resistance, and those aren't required to buy or sell.  If someone 
tried to mandate something like that for financial transactions it could 
very easily spark a revolution here, and I'm not kidding.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman


