1996-01-24 - Re: [local] Report on Portland Cpunks meeting

Header Data

From: “Pat Farrell” <pfarrell@netcom.com>
To: cme@tis.com
Message Hash: 370e47fa86c5fee852be9a0f7ff634f68d4c037e21aea0308d9030e019e99168
Message ID: <43073.pfarrell@netcom.com>
Reply To: N/A
UTC Datetime: 1996-01-24 17:57:19 UTC
Raw Date: Thu, 25 Jan 1996 01:57:19 +0800

Raw message

From: "Pat Farrell" <pfarrell@netcom.com>
Date: Thu, 25 Jan 1996 01:57:19 +0800
To: cme@tis.com
Subject: Re: [local] Report on Portland Cpunks meeting
Message-ID: <43073.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Wed, 24 Jan 1996 00:32:37 -0800,
  shamrock@netcom.com (Lucky Green)  writes:

> How do they verify that the person confirming the fingerprint is indeed
> the person supposedly owning the key?

It is pretty hard, that is one of the reasons the web-o-trust is broken.
You can make it better by requiring the person to actually use
the key, which proves that he/she has the passphrase.

At the last key signing at the DC-area cypherpunks meeting, I told
everyone my name was Boris Badanov. Even tho the key's userid
said pfarrell@netcom.com.

Carl Ellison suggests that the signature should have a much weaker meaning,
roughly: "The person owning the secret key associated with this public
key's tag has characteristic X." Obviously X could be "claims to be Pat"

Thus if Lucky gives me a key, I don't know what his/her real name is,
and don't care. All I have to do is see them actually sign something
I give him/her with the key.  Of course we need to rule out
man-in-the-middle attacks. For me, I would buy off on watching the
signing on a standalone laptop while I watch from accross the room.


Interesting atack: Assume there is a chain of keys, with
Lucky feeding keys to Klaus inside the laptop. I'd be signing
what I thought was Lucky's key, but it was really Klaus'.
Of course "Lucky" would have to have the secret passphrase for both
Lucky's and Klaus' keys.  It isn't clear to me if this is an
important case.

Equally questionable are tricks such as using an IR or wireless
transmitter to send my test data to another computer so that the
chain of MITM can be longer.


Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>





Thread