Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Encryption Security Your Rights Online

PGP Key Validity Attack 5

Posted by michael from the key-to-the-city dept.
Sieuwert van Otterloo writes: "I have discovered a new attack on PGP. It allows one to introduce an invalid key as valid in the network of trust. All information is on www.bluering.nl/pgp. Network Associates has confirmed the problem and made a patch. The attack is officially published in a talk at the university of Utrecht this afternoon, (4 september 15:00 CET)." Network Associates has a page up, and patches.
This discussion has been archived. No new comments can be posted.

PGP Key Validity Attack More

PGP Key Validity Attack

Comments Filter:
  • Last time I've checked, neither PGP not GPG had any user-interface other than command line, and a key has only one name/e-mail address attached to it.
    What are they talking about???
    • Last time I've checked, neither PGP not GPG had any user-interface other than command line, and a key has only one name/e-mail address attached to it.

      The Mac and Windows versions of PGP do have GUIs, and even PGP 2.6.2 let you have multiple userids on a single key. Most people didn't, but you always could.

      This attack is interesting, but since it's really a UI bug and not an underlying weakness in the protocol or crypto implementation, it's not too tough to avoid by being careful to look at the keys you import (which you should be doing anyway).

    • If I could get it to work, my PGP-freeware for windows would have a user interface. Unfortunately I'm a stoopids, and when I try to use the thingamajig to secure my network what'sit card I can't connect to my email server thingy. In other words this entire post is a cheap trick to get technical assistance.

  • Why the bug is a bug. (Score:4, Informative)

    by Terri416 ( 131871 ) on Tuesday September 04, 2001 @09:49PM (#2254020)
    This about ownership, identity, certification, trust and validity.

    Whoever controls the secret key is in fact the owner of the key.

    The user ID is a claim made by the owner and attached to the key. There can be many such claims made; depending upon the wishes, ISP accounts, and intentions of the owner.

    Certification is a claim made by a third party that a particuler user ID on a key truly refers to its owner.

    Trust is a judgement that you make about the third party who owns the key used to certify a user ID claim. It should be a reflection of how honest, diligent, skeptical and shrewd the third party is. The more serious the consequences of identity fraud (e.g. infiltration of a political protest group), the more miserly you should be with trust.

    Validity is the opinion (based on subjective trust and a certification claim) that a particular user ID truly refers to the owner of the key to which it is attached.
    That's one fact, two claims, a judgement and an opinion.

    Let's take an example:
    Suppose I certify some key as belonging to taanderson@metacortex.com. If you knew that I was one of his coworkers, you might trust me and believe the key belongs to Mr Anderson.
    If the key also had an ID neo@2600.net, is that second ID valid?
    No. The neo ID is a claim, nothing more. Unless someone else that you trust certifies the neo@2600.net ID, then the ID (like all uncertified IDs) is assumed to be invalid.
    In fact, if the neo alias were supposed to be covert, then putting it on the same key as a public identity would be extremely stupid - unless it was a forged ID. It's the equivalent of Mr Anderson wearing a button badge saying "I am Neo".

    The bug in PGP lies in sometimes treating validity as a property of the key, when it's strictly a property of the user ID claim; allowing validity to "leak" from one ID to another.

Slashdot Top Deals

Any program which runs right is obsolete.

Close