European Workshop on Trust & Identity

In cooperation with GÉANT

Session 30: "Why I Hate PGP (and better alternatives)" (13:30, Room K6)

Convener: Aestetix

Abstract: In a post-Snowden society, protecting your private company and personal information is more important than ever. But rather than blindly jumping into encryption, we'll take a look at how (and why) tools like PGP/gpg were created, their purpose, and what their purpose is NOT. We'll also address some of the issues that come up with the so-called Web of Trust.

Tags: Crypto, Trust

Notes

Self-presentation: why encrypting is an issue / Anti-surveillance policies in the US / iddsc / Snowden as a catalyst / crypto party & crypto wars of the 90s

History of cryptography

  • Modern cryptography & classic cryptography -- symmetric cipher (one key to encrypt the message; problem: how does the key get to the receiver?)
  • 1976: the public-key paper; algorithm: one key to encrypt, one key to decrypt (private & public key). The issue with this: I have a private key, the other party should send me something encrypted, so I go to the key server, get the key, and can get the message / problem: too many parties in the middle.
  • Example: Micah Lee: he didn't trust the key stores for the exact reason - we don't know where the key comes from - so instead he sends an e-mail to the receiver to confirm that that key doesn't belong to a (lawyer?)
  • Crypto-party example: you want to generate a key; recall what I said earlier about the real-name policy of Google, Facebook etc. -- why do I have a problem with this? / GPG page and key signing guidelines?


What is the problem?

  • They could be a fake
  • You're forced to trust in the government - it creates an illusion that the trust that is issued by the government would be more valid than anything else;
  • The idea is that there's a key I want to show is trustworthy, so I sign it and assign a level from 1 to 3 or 4 / what does it mean? - Absolutely nothing.
  • What do trust levels mean? (PGP trust levels)
  • What are you verifying? - On a governmental document?
  • I couldn't find any issues on governmental (websites?)


Definition: what does it mean to trust a key? What does trust mean?

  • Direct trust - individual
  • Hierarchical trust -
  • Cumulative trust - different ways to verify or someone you already know/who already works for you and you are pretty sure it's them.


RFC - (looking up RFC 4880 "OpenPGP Message Format") Signature types

Loose definition, probably left open by standard writers intentionally

Search results on the MIT tool for a key ("0xd255...")

  • You get a list of all the keys that have trusted this key
  • This creates information (?)
  • Public key store means that it is public, so anyone can use it
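As an added illustration of the three points above (what the signature "levels" actually encode, the loose RFC 4880 signature types, and what a public key server listing exposes), here is a toy model of a keyserver's signature data. This is example code written for these notes, not the presenter's tool; the signature type bytes are the RFC 4880 section 5.2.1 certification types, while the key IDs and the listing itself are constructed placeholders.

```python
# Added example, not from the session. Models the signature data a public
# key server exposes and what can be recovered from it.
from collections import defaultdict

# RFC 4880 section 5.2.1 certification signature types. The RFC only says
# that 0x11..0x13 differ in how carefully the signer checked the User ID;
# it defines no verification procedure, which is the looseness noted above.
CERT_TYPES = {
    0x10: "generic (no claim about verification)",
    0x11: "persona (no verification at all)",
    0x12: "casual (some casual verification)",
    0x13: "positive (substantial verification)",
}

# Constructed keyserver listing: (signer key ID, signed key ID, sig type).
# Key IDs are placeholders, not real keys.
SIGNATURES = [
    ("0xAAAA0001", "0xBBBB0002", 0x13),
    ("0xAAAA0001", "0xCCCC0003", 0x10),
    ("0xBBBB0002", "0xCCCC0003", 0x12),
    ("0xDDDD0004", "0xBBBB0002", 0x11),
    ("0xBBBB0002", "0xAAAA0001", 0x13),
]

def describe_cert(sig_type):
    """Map a certification type byte to its RFC 4880 wording."""
    if sig_type not in CERT_TYPES:
        raise ValueError("not a certification signature: 0x%02x" % sig_type)
    return CERT_TYPES[sig_type]

def signers_of(key_id, sigs=SIGNATURES):
    """What the key server search shows: every key that certified key_id."""
    return sorted(s for s, t, _ in sigs if t == key_id)

def social_graph(sigs=SIGNATURES):
    """Undirected 'who knows whom' graph recoverable from public signatures.
    The certification level says nothing reliable about identity, but the
    existence of the edge is public and stays public."""
    g = defaultdict(set)
    for signer, signed, _ in sigs:
        g[signer].add(signed)
        g[signed].add(signer)
    return {k: sorted(v) for k, v in g.items()}

def neighbours(key_id, hops=1, sigs=SIGNATURES):
    """Keys within `hops` certification edges of key_id (the metadata leak)."""
    g = social_graph(sigs)
    seen, frontier = {key_id}, {key_id}
    for _ in range(hops):
        frontier = {n for k in frontier for n in g.get(k, [])} - seen
        seen |= frontier
    return sorted(seen - {key_id})
```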


I created a trust tool:

Example "pgpring -S -k keystore" output

- Possible to have multiple identities with the sub field

OpenPGP Message Format principle -- I made it easier and converted it to a text file that matches up all the elements, whether it's a public key or something else. It is defragmented for the user.

What email providers have "secure" users?

  • Gmail - 334,333
  • Hotmail


What news organisations have "secure" users?

  • Wall Street Journal - 18
  • New York Times - 159
  • Fox News - 3


What "intel" agencies have "secure" users?

  • nsa.gov - 54
  • cia.gov - 39
  • .mil 7,908
  • dhs.gov - 28
  • goatse.cx - 0


How do universities use PGP?

Frequencies: seems to be trial use rather than actual use.

Who has signed the most keys?

Keybase.io: if you are a new user and use a key by default, it stores the private key and compromises your security.

Participant: So they have a copy of a private key?

It's perline party, targeted, binary / I understand why you are upset with them, it's a struggle, they have a noble mission to make it easier.

I agree, and it's not only me: having your private keys stored anywhere else compromises your security. E.g. PGP encryption, there's a principle of mathematics - key instructed is that you have 2 public keys who share the 3rd prime

Interesting talk about key factoring that was referenced in the talk: http://crypto.2012.rump.cr.yp.to/87d4905b6d2fbc6ad2389debb73f7035.pdf (NSFW title)

Participant: What I've never understood is having a store of keys

-: the trust store, the key store is completely useless. My tool is not online right now.

   (Explanation of the key)

This also means you can do a neighbour kind of thing with the metadata, and find interesting connections with that.

Participant: I disagree, those are 2 different kinds of trust paradigms. One is public, you can change it. Trusting keys is establishing some initial relationship.

Answer: PGP issue: if you show up, have trusted key -- the data is still there, internet never forgets them.

Participant: But that is impossible to solve.

Answer: PGP is a fantastic tool for encrypting, but bad for privacy and anonymity.

Participant: Based on names, it is completely unreliable.

Participant: What's frustrating is that the government requires us for getting rent from them, but many researchers are from other countries, and many other countries have different requirements for names. One thing that makes trust hard on the internet lies in us being human beings; we're organic stuff, we meet and see each other, and you can't do that online.

Answer: I don't agree; when we're chatting, we are establishing and have established relationships. Example: how Anonymous changed in the chat room and how others in the chat room realized his change in behaviour.

Participant: And in the trust-PGP-context it doesn't mean to trust a person, it means trusting a key!

Participant: If I enter "Edward Snowden has this key" (...)

Participant: What do you think about your knowledge in public key store, people actually communicating with each other there?

Answer: In the key store you can

1. Connect to each other, sign the key randomly

2. The time stamp for when a key was signed is a difficult issue (state now vs. state 10 years ago)

And PGP was created in the early 90s.

Participant: the data we get to another zone is very small

Answer: The issue is not so much signing keys, but posting them publicly.

Participant: I think that one of the biggest trust contributions PGP made was that for the first time a reliable crypto reached mass market.