private key protection

Jerome Baum jerome at jeromebaum.com
Tue Oct 18 15:20:21 CEST 2011


On 2011-10-18 15:05, Robert J. Hansen wrote:
> On 10/18/2011 8:36 AM, Jerome Baum wrote:
>> I recall making the distinction between a key* and a key-ring/-file,
>> not between a key-ring and a key-file.
> 
> A distinction that has been lost on apparently everyone here.  Please
> use accepted terminology.

If "everyone" is three people, then yes.

>> The OP asked "how can I prevent people from stealing my key*?" and
>> one person answered "it's not a problem if people steal your key*,
>> because it's passphrase-protected."
> 
> Assuming the passphrase is of high quality, that answer is *absolutely
> correct*.

Sure, if you take key to be the encrypted key. That's why I never said
that the answer is wrong in any way. I just said we need to be careful
to make this distinction.

>> In this context it might be a good idea to mention that stealing
>> your actual key* from memory _is_ a problem, while stealing your 
>> key-file/-ring/-whatever is truly not so big a problem if your 
>> passphrase holds up.
> 
> If the attacker already has read-wherever access to memory, the attacker
> can do orders of magnitude worse than steal private key material.
> You're saying here, "if you assume the computer is already in a
> game-over condition, then it's game-over."  Which is true, but it's also
> pretty close to the canonical example of trivial.

The OP asked for advice about protecting his key. I made the point that
the key in memory is unprotected while the key on disk is protected.
Lots of implications there (watch out for insecure memory on Windows,
watch out for how you physically protect your computer, consider using a
smart-card). How is this trivial*?

* http://www.merriam-webster.com/dictionary/trivial

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA



More information about the Gnupg-users mailing list