1994-12-02 - Re: public accounts / PGP / passphrases

Header Data

From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
To: cypherpunks@toad.com
Message Hash: 137c8a87943d9216430783ccd41e595377ecb6e9c76a4af5cc9289e9402d77c4
Message ID: <ab043c37010210048095@[132.162.201.201]>
Reply To: N/A
UTC Datetime: 1994-12-02 02:54:37 UTC
Raw Date: Thu, 1 Dec 94 18:54:37 PST

Raw message

From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 1 Dec 94 18:54:37 PST
To: cypherpunks@toad.com
Subject: Re: public accounts / PGP / passphrases
Message-ID: <ab043c37010210048095@[132.162.201.201]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:18 PM 12/01/94, lmccarth@ducie.cs.umass.edu wrote:
>Could someone please elaborate on the foolishness of using PGP with a
>passphrase on a public machine (as I do) ?  Am I wrong in thinking that my
>secret key is useless to an intruder until she guesses my passphrase ?  I
>have no net access except via an account on a public machine, so I'm not
>about to start storing my secret key elsewhere, but I'll change my passphrase
>to <null> if it's irrelevant anyway.  I just reviewed the PGP docs a bit and
>Phil says "Nobody can use your secret key file without this pass phrase.",
>which seems to contradict what many people on the list have said.

Theoretically, your sysadmin could quite easily get ahold of your
passphrase, through a number of means, including logging all of your
keystrokes.   As a general rule of thumb, the sysadmin can do anything.
I'm also don't have the crypto-math knowledge to know whether it's easier
to crack your IDEA-encrypted passphrase then it would be to crack your
private key only having some ciphertext and perhaps some corresponding
plaintext in your possession. It certainly would be easier to crack your
passphrase if you use a bad passphrase, like an english word. Generally, I
think you don't want your private key falling into the wrong hands,
passphrase encrypted or not.

So if your sysadmin actually wanted to, your sysadmin could get at your
key. Now, obviously this doesn't mean that your passphrase might as well be
null.  Nor does it mean there's no reason to use PGP at all if your only
option is using it on a time-shared machine.  I have a feeling that many
people who don't know better think one of these two things after seeing all
of the messages on this list that say "Don't use PGP on a time-shared
machine! It's useless!"  It's not useless, although you are losing some
security by doing so. It's only a false sense of security if you don't
understand exactly how much security you are losing. [and admittedly, I
don't understand _exactly_ how much, myself. But then, I'm not using PGP on
a timeshared system at the moment.]







Thread