Ciphire, A Transparent, Easy PGP Alternative 345
mixter writes "Hi. I'd like to point your attention to Ciphire, a fully free and soon-to-be-audited-OpenSource 'Global PKI' project I've been working on for the last three years. As the first three or four thousand geeks started using Ciphire and seem happy, with some tech articles written, I guess the /. community might find this interesting, too. Ciphire hopes to have solved the problems that prevented PGP from a broader deployment, with even higher security standards - as already confirmed by crypto experts Housley & Ferguson. More useful information, e.g. in Wired or in the Nerd^H^H^H^Hexperts FAQ."
GPG? (Score:5, Insightful)
yeah right... (Score:4, Insightful)
so how exactly are you getting it installed and turned on by default in Outlook and Outlook Express?
tell me I'm wrong if you want, but that's the only way you'll get Jane and Joe 6pack to use it.
But will people use it? (Score:2, Insightful)
Why not just use enigmail with Thunderbird? (Score:4, Insightful)
Maybe I'm missing something?
Useless... (Score:5, Insightful)
not really excited (Score:4, Insightful)
Re:Why not just use enigmail with Thunderbird? (Score:5, Insightful)
Not OpenPGP Compliant and no Good reason (Score:5, Insightful)
Re:Useless... (Score:3, Insightful)
choice of algos.... (Score:3, Insightful)
encrypt the data with AES in CBC-HMAC mode (??? HMAC is not an encryption algo) then Twofish in CCM mode.
First off, you MAC the ciphertext since it's gonna be exposed anyways. Second... CCM mode? WTF? CTR mode is simpler.
It's like they went out of their way to overly complicate the process.
Tom
Re:Useless... (Score:3, Insightful)
As for the GNUPG point. As user I really don't care how the source code looks as long as it works. Further GNUPG seems more or less secure to me - there weren't that many security advisories yet.
And if you don't want it you can use PGP - there's a freeware version of it too.
So WHAT are the advantages of Ciphire?
Re:Useless... (Score:3, Insightful)
Though I too question some of their choices (2 layer encryption for instance...) the idea of a new system isn't a bad one.
Let's not forget that SSL, SSH, PGP were HOMEBREW!!! Who knows, someone may invent a system simpler, smaller, faster, more secure, more able, etc, in the future.
For instance, for what SSL does the standard is very complicated. I mean it verifies a cert, does key handshaking then encrypt/mac data. That's not complicated. why does it require a 70 page [non-programer friendly] RFC to describe it?
I do agree that making something new for the sake of making something new isn't smart. And if that's what they did shame on them. But the fact is "new things" is what drives us anyways.
Tom
The way I see it (Score:2, Insightful)
it's another way to get signed/encrypted email into the hands of more people - whether they're geeks, or not. If it gets a few more people using some kind of authentication for email, then it's another strike against spammers/VXers; surely, it can't be all that bad, then, can it?
Sure, it isn't GPG, PGP, or any of the more "traditional" encryption programs. But then, how many Joe/Jane Sixpacks do you know that use those, either? From reading the article, it seems to greatly simplify the process of installing and using email signing/encryption, and that's something that I've run into trying to get people to use GPG/PGP: "It's too complicated; I have to remember too much stuff".
It looks like the security of it is being vetted, even if the source isn't as open as some would like (yet). Fine, it isn't "perfect" from a geek point of view, and it still has a way to go before it'll work on more email clients - but it's a start at de-geeking email crypto, which is something that can only help.
Re:Methodology for open sourcing it (Score:4, Insightful)
Such tools are useful iff their interface is rigidly defined. If it starts diverging into a dozen things that look similar but aren't entirely compatible, nobody will use any of them. If, on the other hand, the system is reasonably good at the start, the probability of major forks is reduced. So sometimes it's useful to keep such projects "closed" until it's stable and complete.
At least, I have heard such arguments made in the past. The other alternative is that the code is such an embarassing mess that they don't want anyone to see it -- I've heard that argument made as well (heck, I've got code I plan to release someday myself, as soon as I get around to adequately commenting it...).
Comment removed (Score:5, Insightful)
Re:But will people use it? (Score:1, Insightful)
Re:Useless... (Score:5, Insightful)
2. PGP is not a cryptosystem - it's an application program. "Cryptosystem" means algorithm. It's the same thing as "cipher", essentially.
Re:a better question (Score:5, Insightful)
encrypted email stands out from unencrypted email
Iif the bulk of email was encrypted then it is harder to determined that which is encrypted for a reason and that which isn't. This adds value to the use of encryption.
I don't really need to ssh between servers on my LAN or run my vnc sessions though an ssh tunnel or use scp when I could use Samba but I do, partly because it means I am using best practices so when I am in a situation where it is desirable I am familiar with the operation and am familar with the tools I will need and not be sat there saying "bugger, I forgot to select 'use secure connection'".
I don't really need to lock my car every time I walk 10 yards from it to the cashpoint but I do because it is best practice.
Transparent? Easy? (Score:3, Insightful)
Re:Useless... (Score:3, Insightful)
Re:a better question (Score:3, Insightful)
-
Perhaps I'm paranoid but (Score:1, Insightful)
"With encryption solutions using PGP or S/MIME, an unsigned email message allows an attacker to forge the originator s identity even if the message is encrypted. The recipient cannot easily detect the change in the originator. However, in the Ciphire system, encryption includes authentication information. The session key used to encrypt the email message is digitally signed by the sender for every layer of encryption."
Although a technically accurate statement, it is highly misleading by comparing signed verses unsigned functions and implying a deficiency in GPG where none exists. GPG/PGP supports the same signing ability.
Centralized directories are bad ! (Score:5, Insightful)
What do you think will happen if someone, say in the name of the war on drugs, wants to interfere? Presto, they can convince the central server to yank Bob's key from the directory and replace it by one of their choosing. Some privacy!
Re:GPG? (Score:3, Insightful)
I'm also worried about.... (Score:5, Insightful)
whats that about?
Web of trust needs plane tickets (Score:3, Insightful)
just buy a certificate to make Ciphire work.
The OpenPGP equivalent to a certificate is called a "plane ticket" whose price is called "airfare." Without a plane ticket, you often can't get your public key signed by people in the strongly connected web of trust. Without a signed public key, you can't build the web of trust, and without the web of trust, you can't verify a public key, which is the whole point of certificates.
Re:Useless... (Score:5, Insightful)
Huh? You asked a question, I answered it.
I certainly don't think RFC2440 is any less valid or useful for having been created after a successful implementation was created. That's how standards ought to be created. Standards created before the implementations, or in conjunction, are more likely to suck.
The comparison with PGP and GPG is illustrative of why this new toy will not be leading to any new standards. No open source, no peer review, no new needs being addressed, no new ground being broken. Who gives a shit?
Re:Useless... (Score:5, Insightful)
PGP is a known secure cryptosystem. Fact of the matter, there is no need for new cryptosystems.
Well, I guess all that needs to be invented has been invented. We already have an operating system majority (Windows). There's already a major chip vendor (Intel). Antec makes the best cases, so lets just tell all the others to stop.
Maybe, just maybe, a little mind opening is needed here? Perhaps there's something about (Cipher) that can be used in PGP, or vice versa. Slashdot is full of 'competition is a good thing' type quotes, and I'd say it applies here.
Careful: not very secure, not very trustworthy (Score:2, Insightful)
What concerns me are comments like the following: "Each Ciphire certificate is reduced to a hash, an abbreviated mathematical identifier. Since the relationship between the hash and the certificate is reciprocal, the original hash would not match a certificate in which there was even the slightest change."
Not so fast: (a) certificates already have a signed hash; (b) it is common practice to state which hashing algorithm is used (SHA, MD5, ...?). I hope its not homegrown hash; and (c) by definition, hash values have collision where more than one certificate can map to the same hash value.
Just cause its an open-source wannabe doesn't mean its good for you. Let's hope for the best.
Support for triple-DES should be added! (Score:3, Insightful)