1994-08-24 - Re: Using PGP on Insecure Machines

Header Data

From: "Perry E. Metzger" <perry@imsi.com>
To: tcmay@netcom.com (Timothy C. May)
Message Hash: 68d86973b8af01485dabe1849ea1c0e58861cefe96839ef8cf1e074bff14e660
Message ID: <9408241335.AA03303@snark.imsi.com>
Reply To: <199408240630.XAA26030@netcom4.netcom.com>
UTC Datetime: 1994-08-24 13:36:05 UTC
Raw Date: Wed, 24 Aug 94 06:36:05 PDT

Raw message

From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 24 Aug 94 06:36:05 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: Using PGP on Insecure Machines
In-Reply-To: <199408240630.XAA26030@netcom4.netcom.com>
Message-ID: <9408241335.AA03303@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain

Timothy C. May says:
> Some folks who use PGP on such machines at least take steps to better
> secure things....Perry Metzger, for example, once described the
> multi-stage process he went through each day to reload his key
> material in a way he felt was quasi-safe. 

Quasi. I'm pretty sure that anyone who cared enough could have gotten
hold of my ancient pmetzger@shearson.com key, which I keep around only
for nostalgia reasons at this point -- I believe it's one of the oldest
keys still on the rings. On the few occasions when I've truly cared,
I've generated new keys to use and only used them for a brief period
-- PGP provides very poor forward secrecy.

(By the way, I've become convinced with time that the forward secrecy
characteristics of systems like this are far more important than
people believe, especially since keys are likely to be so poorly
managed by most non-paranoid users. Diffie-Hellman provides perfect
forward secrecy.)

Tim's point is, however, correct -- using PGP on Joe Random
University's central computing facility is not the way to go if you
are really concerned about security. You have to run it only on
hardware you personally control, and which others do not have much if
any physical or network access to.

Also importantly, the user interfaces for PGP simply suck as it
stands, making people like Tim uninterested in going through the
rigamarole needed to use it on a day to day basis. The real revolution
isn't going to come until people are able to use PGP and the rest both
reasonably securely without it being especially noticeable that they
are doing so -- and that is a while off.
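
The forward-secrecy contrast drawn in the message above, as an added example that is not part of the original post: a per-message key protected only by a long-term key is compared with an ephemeral Diffie-Hellman exchange, after the long-term secret is later stolen. The group parameters, the toy cipher and all function names are assumptions made for illustration, and authentication of the ephemeral exchange is left out.

```python
import hashlib
import secrets

# Toy group, constructed for illustration: 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3

def keygen():
    """Return (secret exponent, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def kdf(shared):
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def xor_crypt(key, data):
    # Toy stream cipher (assumption, not PGP's cipher): hash-derived keystream XORed with data.
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def send_static(recipient_pub, msg):
    """Long-term-key model: the message key depends on the recipient's long-term secret."""
    r, hint = keygen()  # hint = G^r travels with the ciphertext
    return hint, xor_crypt(kdf(pow(recipient_pub, r, P)), msg)

def send_ephemeral(msg):
    """Ephemeral DH: both exponents are throwaway; returns only what a wiretap records."""
    a, ga = keygen()
    b, gb = keygen()
    ct = xor_crypt(kdf(pow(gb, a, P)), msg)
    assert xor_crypt(kdf(pow(ga, b, P)), ct) == msg  # the receiver derives the same key
    del a, b  # exponents are discarded when the session ends
    return (ga, gb), ct

def attacker_decrypt(stolen_secret, public_value, ct):
    """What recorded traffic plus a stolen long-term secret lets an eavesdropper compute."""
    return xor_crypt(kdf(pow(public_value, stolen_secret, P)), ct)

def demo():
    msg = b"constructed sample message"
    lt_secret, lt_pub = keygen()  # long-term key pair, compromised after the fact
    hint, ct_static = send_static(lt_pub, msg)
    (ga, gb), ct_eph = send_ephemeral(msg)
    static_broken = attacker_decrypt(lt_secret, hint, ct_static) == msg
    eph_broken = any(attacker_decrypt(lt_secret, v, ct_eph) == msg for v in (ga, gb))
    return static_broken, eph_broken
```
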