1997-10-08 - Re: What’s really in PGP 5.5?

Header Data

From: “William H. Geiger III” <whgiii@invweb.net>
To: Adam Back <aba@dcs.ex.ac.uk>
Message Hash: 2a60a7615f4dbe000a6f569cdff009005724d53d757aabb41f63de828936c8ad
Message ID: <199710081815.OAA20071@users.invweb.net>
Reply To: <199710081011.LAA00865@server.test.net>
UTC Datetime: 1997-10-08 18:40:01 UTC
Raw Date: Thu, 9 Oct 1997 02:40:01 +0800

Raw message

From: "William H. Geiger III" <whgiii@invweb.net>
Date: Thu, 9 Oct 1997 02:40:01 +0800
To: Adam Back <aba@dcs.ex.ac.uk>
Subject: Re: What's really in PGP 5.5?
In-Reply-To: <199710081011.LAA00865@server.test.net>
Message-ID: <199710081815.OAA20071@users.invweb.net>
MIME-Version: 1.0
Content-Type: text/plain


In <199710081011.LAA00865@server.test.net>, on 10/08/97 
   at 11, Adam Back <aba@dcs.ex.ac.uk> said:

>Bill Frantz <frantz@netcom.com> writes:
>> At 2:27 PM -0700 10/7/97, Jon Callas wrote:
>> >favorite way of expressing this problem is, "if you lose the keys to your
>> >car, then you have to get a new car."
>> Now email is a confounding medium because it is both a transient
>> communication medium and a storage medium.  We would like to be able to
>> have protection against losing access to our stored data, at the same time
>> we are sure that those who violate our trust and intercept our
>> communications can not read the data, when it is sent or at any time in the
>> future.
>> PGP 5.5 seems to have a solution to the "lose your data" problem.  It does
>> not seem to address the secure deletion problem.

>If PGP wants to archive data sent or received, well they can do so, but
>sending encrypted communications over open networks encrypted to _two_
>long term public keys is bad security practice.

>There are two reasons which are given as to why someone might want to
>have GAK installed for company use.

>1. to allow access to important material lost in the mail system in the
>event that an employee is hit by a bus

>2. to allow management to spot check the emails being sent and received

>Argument 1 seems pretty flimsy to me.  I reiterate my comment in an
>earlier post: who in their right mind keeps their _only_ copy of ultra
>valuable company information bouncing around in the email system?  Did
>those arguing for this position not notice that sometimes email gets lost
>in transit?

Well let's take the flip side of this: Who in their right mind encrypts
ultra valuable company information and then leaves the plain text on their
computer?? I have an outbox full of encrypted messages that are encrypted
to both the recipient and to my key (Encrypt-To-Self Option). If you are
going through the trouble of encryption why would you want to leave plain
text lying around??? One needs to remember that e-mail is not just
communication but communication *and* storage.

>Regardless, if PGP claims to be catering to those who use this argument,
>and to not want to try that hard to make it impossible to by-pass, the
>more secure, and less GAK friendly way to do it is to have the mail
>client software archive the email sent and received.

I have to disagree, see above.

>Argument 2 I find somewhat distasteful, but seems to me to be logically
>what PGP's implementation is catering for.  A less GAK friendly way to
>implement it, and a more secure (communications secure, not saying
>anything about GAK being easier or harder to by-pass) way would be to
>archive for a while the session keys. The security advantage being that
>the email doesn't go out with the session key encrypted to 2 long term
>public key encryption keys.

I have seen no evidence that encrypting to multiple recipients is any less
secure than encrypting to one. If there are serious security implications
in doing so then it affects *all* versions of PGP and not just 5.5. I find
it odd that this issue is only now being brought up with 5.5 and never
mentioned with previous versions.

One thing I would like to see added to this set-up is secret sharing of
the corporate private key. That way one person could not unilaterally
access the data but would require the agreement of several people (say 3
of 5 department heads). I think this would provide enhanced physical
security of the key and personal privacy (Joe in IMS can't snoop the mail
just because he is bored). I have made some mention of this in the past to
PGP but don't know what if any work has been done in this area. I have
been working on a small utility that would let a user do this with his own
private key. Perhaps if I ever get some free time I can finish it up.

- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                        
- ---------------------------------------------------------------

Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000