[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encryption of EGO keys

From: Christian Grothoff
Subject: Re: Encryption of EGO keys
Date: Thu, 2 Jul 2020 11:36:39 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0

Hi Jacki,

The reason is simple: encrypting these files is pretty ineffective (and
of course inconvenient for the user). If a process is running under your
UID, it can most likely attach to your other processes (grabbing the
keys after decryption), or monitor your keystrokes (say via X11) to
intercept the passphrase as you enter it. So this type of encryption at
best makes it a bit harder for the attacker, and only effectively limits
attacks against keys that are not being used during the time of
compromise. These weak benefits from encrypting individual files hardly
outweigh the loss of usability from having yet another passphrase. We of
course recommend that users do use full-disk encryption, but that mostly
to protect against losses in case their device is stolen.

If for some application you want to use a password for additional
protection, I suggest to consider using the GNS trick of reading the Ego
and then multiplying the public/private keys with the password to derive
a new public-private key pair, and then to use that for authentication.
That even ensures that an attacker cannot do an offline brute-force
attack against the password.

Happy hacking!


On 7/1/20 4:29 PM, TheJackiMonster wrote:
> Hello there,
> I have a question about using the EGO keys. I was thinking about using
> them for authentication in the CADET chat but I have a problem with the
> current handling of these keys.
> The files are basically unencrypted on the local drive which is
> definitely convenient but could potentially be a problem depending on
> applications running on the system.
> For example if I wanted to develop a remote control application with
> GNUNET for supporting assistance and some other tasks. I would like to
> have at least the possibility to encrypt those EGO keys with a password
> using symmetric keys.
> I guess I could do that manually on the files but my question is: Why
> isn't there an automatic way using the GNUNET API to do so? I mean it
> could be optional because I also see the benefits of raw access and
> many (if not most) people use encryption for their drive anyway.
> But without this feature I would still prefer using GpGMe for handling
> identities instead of EGO because GpG allows it optionally even though
> I would like to reduce dependencies as well.
> -Jacki

Attachment: 0x939E6BE1E29FC3CC.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]