[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: comments on PGP *5*



On Mon, Sep 14, 1998 at 09:42:25AM -0600, Neale Pickett wrote:
> >> IIRC PGP5 can be configured, by your sysadmin, to automatically encrypt
> >> a outgoing message session key with a "corporate public-key" in addition
> >> to the recipient's public-key. And that PGP5 can be configured to refuse
> >> to decrypt messages when the session key was not encrypted with the
> >> "corporate public-key". As I understand it this NOT key-escrow.
> >> 
> >> AFAIK PGP5 does not provide a mechanism to force you to send a copy of
> >> your private key to an "Offical Key Escrow Authority". And that the
> >> "key-recovery" feature has no effect on users of "PGP For Personal
> >> Provacy" (the non-corporate version).
> >> 
> >> Please correct me if I am wrong...
> 
> > I believe you are, but I haven't got (nor do I want) a windoze box to test
> > it.
> 
> He isn't wrong about the escrow.  Nobody gets your key.  What happens is 
> that your business key also gets the corporate key added on to it.  So
> when someone encrypts to your business key, they're also encrypting to
> the corporation.  This is not key escrow.

You guys are right.  I found the old report I was sent which warns of this. 
The wording was different, emphasizing the forced compromise and pointing
out that the non-commercial 5.x versions enforce this, while the 2.x
versions never would.

The danger of a version which you cannot stop the gov't from getting
transparent access to your encrypted mail (worse than key escrow) is there,
but the good news is that we can always be sure this isn't the case by using
the source---ohno!  WHAT source??  This version of pgp rarely offers you
source with which to protect yourself!

Hint:  NEVER EVER accept binary-only encryption.


> > The problem you outline still allows your employer (or anyone with access to
> > the corporate private key, whether authorized or not--do you trust your
> > pointy-hair's security methods and pass{words,phrases}?) to view any mail
> > encrypted to you.
> 
> This is true.  This is why you don't want to use the commercial version
> of PGP for personal mail, because only the commercial version does this.
> If you're trying to receive private email at work (and that's okay with
> your employer), then just generate two seperate keys--one with the
> commercial version, and one with the personal version.

You don't want to use the personal version with the key you use at work
either.


> > Essentially it circumvents the security provided by PGP.
> 
> No, it allows your company to take reasonable steps to accessing
> corporate data.  You wouldn't object to the company giving you a safe to 
> keep the aircraft designs locked in if they wanted to have the
> combination, would you?  The safe is provided for company use only.  If
> you want your own safe, nobody's stopping you from going out to Wal-Mart
> and buying one, and then you don't have to share the combination with
> anyone.  This is exactly what the situation is with PGP.

...by circumventing the purpose, that only someone with private key and pass
phrase can decrypt mail.  The proper way of allowing this would be to give a
copy of the private key to your boss, extracting it in plain form directly
to floppy (you DO NOT EVER put an unencrypted key on your hard drive unless
you are EXTREMELY stupid)  Your boss then encrypts the key with his or the
company's pass phrase---which should be kept locked in a secure but offsite
location.

Congratulations, your boss or his successors may read email sent to your
corporate key without compromise to the security of PGP or even to your pass
phrase.  You DID wipe or outright destroy that floppy didn't you?  Probably
an extended stay on a bulk eraser would eliminate any useful magnetic
traces, even if you're paranoid.  And the process can be automated with a
batch file (or even a compiled batch file) to make sure nobody screws it up. 
And YES, you can have batch files in windoze!  I used them all the time,
they automate a great deal and are fairly powerful if you're running them
under 4dos as I was.

Oh wait.  There's no way a pointy hair would understand all of that.

Attachment: pgpJOP4Mgb7r2.pgp
Description: PGP signature


Reply to: