Re: GC and security

Les Schaffer <schaffer@xxxxxxxxxxxxx> writes:
keys are on a USB drive key ring. gpg accesses the key ring as needed,
but in a separate process. and gpg is done with its work early on in our
app lifetime. comes back at end to encrypt and then app is done.

gpg is fairly careful about passphrases. Why are you collecting the
passphrase in the Python app instead of letting gpg handle it?

Keep in mind that the weakest part of this application is likely to be
the passphrase itself. Is there a way to get rid of it?

we got some suggestions from other parts of this thread. or do you mean
getting rid of the need for a passphrase? the passhprase protects the
private key on the USB drive.

Yes, I mean get rid of the need for a passphrase, though since the
encrypted key is accessible on the USB drive, there's no way around
it. With smart cards it's generally considered ok to use a short PIN
instead of a passphrase; the card itself enforces a maximum # of
incorrect guesses.

Is this data on a laptop? Why do you want to do encryption in the
application, instead of using an encrypted file system? ...>
but the main reason? we were asked to encrypt the MySQL tables carrying
sensitive information.

Does using an encrypted FS not take care of that? Also, I think there
are some FS's that use the Windows Crypto API (CAPI) either for bulk
encryption or for key management, so you can use secure passphrases,
hardware tokens, or whatever.

USB drive holds the GPG key. the drive must be inserted at start of
application, and must be pulled after authentication otherwise the app
warns and shuts down. The USB drive carries a digital signature, and
also encrypted identifying information for the user.

This is better than nothing but it's very easy to duplicate a USB key,
either intentionally or by spilling the contents through a routine
backup procedure, etc. A crypto token (USB dongle or smart card) is
way preferable for this type of thing. GPG has smart card support
that you might be able to use:

http://www.g10code.com/p-card.html
http://www.gnupg.org/(en)/howtos/card-howto/en/smartcard-howto-single.html

You might want to discuss this on sci.crypt, where specialists hang
out. As is fairly typical in these situations, it would help a lot if
you could describe the application in more detail.
.

Relevant Pages

  • nash initrd for root encryption with gpg -> cannot open /dev/tty no such file or address
    ... i am trying to encrypt my root file system using a gpg encrypted key ... stored on a usb flash. ... it works fine up to the point where gpg is started, ... by cryptsetup as passphrase for disk encryption. ...
    (Fedora)
  • Re: How to encrypt and burn to dvdr my home dir?
    ... would you suggest I encrypt the resulting .tar.bz2 file? ... I'd use gpg from the command line. ... passphrase to encrypt the file. ...
    (Fedora)
  • AIX and expect
    ... I have some very simple expect scripts I use to encrypt some data and send ... I am migrating from AIX 4.3.3 to an AIX 5.2.0.4 system. ... If it's run in a shell, and I hit enter, gpg ... enter the passphrase and it works. ...
    (comp.lang.tcl)
  • [NEWS] RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... and encrypt their files and data. ... its passphrase and general encryption techniques. ... Attack: "Symmetric key injection". ...
    (Securiteam)
  • RE: Using Win32 CryptDecrypt to Decrypt RijndaelManaged
    ... I figured out how to use RijndaelManaged with AES in the C++ app. ... C++ crypto WILL successfully decrypt the .NET generated ... I am trying to write a Win32 app that can decrypt that string using the ... I can get both to encrypt and decrypt successfully in their own projects, ...
    (microsoft.public.platformsdk.security)