Trying To Understand Validations - New To Encryption

Discussion in 'privacy technology' started by anon_private, Dec 14, 2014.

  1. anon_private

    anon_private Registered Member

    Joined:
    Feb 28, 2010
    Posts:
    57
    Location:
    UK
    Hi,

    I use Kubuntu and have gpg installed as a default program.

    First point. What is the difference between pgp and gpg?

    I have downloaded a programme from a website and the page talks of using keys to validate the program.

    Second point. Am I correct in assuming that the key must be imported into gpg before a validation can take place. Can validations be done 'on the fly'?

    I am wondering how validations can help.

    Is it not possible to put a programme on a website, and place a key there that will fit, and the user (downloader) will note consistency on analysis. As for downloading keys, could someone not upload a key to a server that will show consistence on using gpg when the program itself may be problematic?

    Point three. Should keys be used that are published a website, or only those available via servers?

    No doubt, I will be back

    Thanks

    Ps. Is there a good forum for gpg discussions
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    In my opinion, PGP is just history. Use GnuPG aka gpg.
    Yes.
    That is a concern. It's best to get the public key from multiple sources and verify consistency. You can also see who signed the key, and contact them for confirmation.
    Both can be spoofed.
    The mail list gnupg-users@gnupg.org is a good resource. You must join to post.
     
  3. anon_private

    anon_private Registered Member

    Joined:
    Feb 28, 2010
    Posts:
    57
    Location:
    UK
    Thank you for responding.

    'I have downloaded a programme from a website and the page talks of using keys to validate the program.

    Second point. Am I correct in assuming that the key must be imported into gpg before a validation can take place. Can validations be done 'on the fly'?

    Yes.'

    I think you have said yes to importing a key into gpg before a validation can occur.

    Can validations also be done 'on the fly'?

    Best wishes.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Without the signer's public key installed, gpg will verify whether or not the signature has been done properly, but it won't check it against the key. Is this what you mean by "on the fly"?
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    Gpg is the way to go. I used PGP for many years back when it was an open source (Phil Zimmerman) product. Now its closed source so I don't use it. Gpg is based upon the same two key authentication (public/private) and the cryptography is even stronger than it was a decade ago.

    The key signature verification is all about making sure the file you download is the actual/real file it purports itself to be. If even one byte changes or is tampered with the verification will fail 100% of the time.
     
  6. anon_private

    anon_private Registered Member

    Joined:
    Feb 28, 2010
    Posts:
    57
    Location:
    UK
    If I download a key and then import it into gpg do I have to keep the downloaded key file (in Downloads:Kubuntu), or can I delete it from the system?

    I note that I can verify lists (.asc files). I assume that these can be deleted once verified?

    Thanks
     
  7. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    Well you could delete the key, but why would you? If you are using a one time "thing" maybe. Most software will be updated over time and software where a gpg/pgp key is used for verification, will also provide the same authentication for the updates as a rule. In the long run it would not be wise to securely confirm the installation of a software, but then avoid using the same security for its updates.

    The key in question is the public side of a keyset, with the private side being held on the website's server. This little public key on your ring allows you to verify the file you download and further its integrity. Without the key you will need to install it again to perform this task every time.

    Many of us here use gpg/pgp alot. Even for private folks its really nice to be CERTAIN that a file or PM is sent by the member claiming to have sent it. Simple, solid, virtually certain dependability.
     
  8. anon_private

    anon_private Registered Member

    Joined:
    Feb 28, 2010
    Posts:
    57
    Location:
    UK
    Thank you for responding.

    Some of the keys are in my Download folder. I would like to make a key folder and store the keys. If I move the keys will this cause a problem?

    Out of interest, I note that they keys have asc extensions. The files are text files, so why don't they use the txt extension?

    I have noted when viewing key servers that some people have more than one public key. I assume that this is necessary, but don't know why!

    These servers often use the get command and some hexacode to obtain the key. Where would the key be stored on Kubuntu?

    The keys have ver: sks. This looks like ?key server.

    Regarding keys, what does sub refer to?

    Thanks
     
  9. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    The way it is supposed to work is the developer buys a certificate for a couple of hundred bucks from a trusted CA (certificate authority) like Comodo or Verisign. The certificate is linked directly to them and their project by their website address and their email address. The CA has a copy of the public key on their server. When the developer signs their code using their private key, a copy of their public key is embedded. When you use your pgp software to verify the software it compares the embedded public key with the one on the CA server, if they match it should to be the real developers software. I say should be because although I don't think it is possible to forge that process (someone might correct me on that) but there have been instances of stolen certificates used to sign malicious software.

    Some developers generate their own certificates so there is no CA to use for authentication. They put the signing key on their website and present it is a method of authenticating the file. This is a source of confusion because it appears to be using the same technology for authentication as real CA Certificates when in my opinion it is completely bogus. I would not trust any developer who uses self generated certificates because,
    1. he knows it is bogus
    2. he is too cheap and careless about his users security to buy a real certificate for a couple hundred bucks.

    If the developer uses a self generated certificate anyone else can generate their own certificate with the same name and use it to sign a malicious version of the software. When there is no CA involved to tell you which is the real one how are you to know ? You don't unless you know the real developer personally and he handed you his signing key in person which defeats the object, if he can hand you his signing key he could hand you his software.
    The whole point of certificates is supposed to be to authenticate when you do not know the developer personally. I think the use of self generated certificates is dangerous, counter productive, creates confusion about what is secure and what is not and should be considered totally bogus unless you have a sure way to verify the owner of the signing key.
    You could try to do this by doing searches for the developers signing key's fingerprint, if enough people seem to agree on the real one you could assume that is accurate and compare it manually to what you have and really that is about the only way.
    That is why self generated certificates is BS in my opinion. If you have to take random peoples word for it you might as well not bother with certificates, just generate a checksum of the file you downloaded and compare it with what other people say it should be.
     
    Last edited: Dec 16, 2014
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    There's no need to keep the *.asc keyfiles, after they've been added to gpg.

    The "asc" extension is reserved for keyfiles in ASCII (aka text) format. ASCII ("American Standard Code for Information Interchange") is just one of many approaches for encoding characters. But it's become most widely used for basic text.
     
  11. anon_private

    anon_private Registered Member

    Joined:
    Feb 28, 2010
    Posts:
    57
    Location:
    UK

    Thank you

    Out of interest, you said previously that it is a good idea to compare keys for consistency. Can they be compared using gpg?
     
    Last edited: Dec 17, 2014
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    You can just open them with a text editor, and see if they're the same. Or you can use an app such as Diffuse < http://diffuse.sourceforge.net/ >.
     
  13. anon_private

    anon_private Registered Member

    Joined:
    Feb 28, 2010
    Posts:
    57
    Location:
    UK
    Since the file sizes are quite large I suppose that people using a text editor would check say the first few lines, and perhaps the last few.
     
  14. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    I hesitate to present the other side of YOUR viewpoint but I do. I am a member at over a half dozen sites that use their own privately generated certificates. These are sites where I find EXTREME trust in their certificate fingerprints to be a much greater value than something presented to me by a relatively unknown (to me personally) CA authority.

    WILDERS SECURITY where this thread is being posted is one such site. We use privately generated cert's here and LowWaterMark has posted the fingerprint for confirmation. My software compares the exact fingerprint of the cert when I log in here automatically. Only a perfect SHA 1 match, which cannot be duplicated by a MITM adversary, causes me to continue in.

    I cannot mention the other sites because they are private. This method is FAR better for me than taking a CA authorities word for it. There are many BAD authorities issuing stuff that scares me.

    My presentation of the other side. Not trying to be contentious, just giving another perspective.
     
    Last edited: Dec 17, 2014
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Wilders' approach does work well. But partly that's because most users are at least somewhat technical. But even for technical users, doing that for every website visited would be nontrivial.

    I do agree, though, that the current CA system is irrevocably broken and clearly backdoored.
     
  16. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    In essence this is the security vs convenience trade off that will persist forever!! By your own admission the CA system is broken when absolute trust is desired. In fact that should be considered OBVIOUS.

    I don't need that level of trust for every website I visit, but I do require it from the ones where I participate heavily and personally, such as here at Wilders. Other examples where many here may go for a "watering hole": ubuntu/debian forums, pfsense forums, Whonix/TOR/vpn provider forums, etc.... (many more for me). All of these cheerfully provide the cert details for confirmation by the user. Simple, just enter the cert info once and when I go there my machine checks for a match. No match, no enter. Can't get any easier than that!

    For other https stuff (I go lots of places) I may just be reading around and my generic tor browser with vpn's makes a MITM irrelevant to me.

    On my non-hobby computer for https I use all two factor authentication. e.g. banking and personal email accounts are two factor ONLY where a phone text or similar confirms the site connection.
     
  17. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    I am quite happy for you to be contentious lol I think it is a subject worthy of debate.
    My point is this.
    The nightmare scenario is a CA will issue a fake certificate they could be pressured by governments to issue a fake Google certificate for example. This would not be something your average Joe could accomplish.
    When certificates are self generated that nightmare scenario is a piece of cake, if "mysite" carried a self generated certificate you could make a self generated "mysite" certificate right now and to the general public it would carry as much weight as my own certificate.
    Neither would have a way to prove their authenticity to anyone unless they know me personally and I gave them my certs fingerprint, but what about all the people that don't know me personally ? They could believe your site is my site too, they could even be coerced into believing "mysite" is the fake one and yours is the real one. The potential for that is even worse for software signed with self generated certificates.
    Self generated certificates are good for people who know each other in real life so they can give each other their public keys, so then in future they can be sure when they communicate with each other online or visit each others sites they are all who they claim to be but I feel they should not be used for sites and software for the general public at large because they create a false sense of security.
    I read recently that Mozilla and others are creating a free CA called Lets Encrypt so perhaps people will quit using self generated certificates for general public use.
     
    Last edited: Dec 20, 2014
  18. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    I do see your points, but folks do need to start taking their own personal security more "in hand". Nobody cares about your security than you should.

    Lets just consider Wilders as an example. I'll bet that most members come here and fully assume that their https connection is solid and safe. Assuming they ARE connected to Wilders and not a MITM that would be a safe assumption. So what do we do about that?

    LowWaterMark has published the actual full cert fingerprint, but if someone refuses to protect themselves by ascertaining they are in fact connected to Wilders, via the published credential he provided, is that his fault when it goes badly for them? NO it is their lazy A@@ fault.

    The potential for self generated certs to go wrong only exists if you get incorrect credentials to start with. But on a reputable site those credentials are not handled "in the background" but can be published directly on the front forum screen where there is NO doubt what they should be. At that point I say the site owner has done his job, now a visitor needs to be responsible and confirm their connection.

    Yes, I know it won't happen for most users because they wrongly think the little https "lock icon" on the browser means they are safe.

    While we may never agree, and I am ok with that, both of us cannot force average users to take the little time needed to verify a connection. No cute little https lock icon is going to guarantee that because a MITM or a "bad" CA can either/both take a novice user captive. Happens all the time.

    You should read about how many TOR users get stripped of their bitcoins by https MITM scams thinking TOR and the little lock icon make them safe.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Maybe Wilders should publish a gpg key, and sign its HTTPS key with that. So whenever it needs to change it's HTTPS key, users can verify that it's genuine.

    I find nothing relevant on the keyservers now, except <dog@wilderssecurity.com>, which I suspect to be some troll.
     
  20. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    Another fine idea but the published credentials are more than fine.

    When it comes to designing something that is automatic for the masses the weakness comes in. USERS have to be responsible or live with the consequences I would think. Its so tough in my family because when I start trying to show/help family members they act like I am out on a cloud somewhere. They just don't want to be bothered with inconvenience (and who does?).
     
  21. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    Yes many people are just not interested, when I tell my wife about stuff related to her online security and privacy she just pretends to listen, the moment I finish she responds with, "ok babe, but do you think this glitter eyeshadow looks pretty ?"
     
  22. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    Trust me I "feel your pain"!!
     
Loading...