Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: users

IT Department having the secure key.

  

 
GnuPG users RSS feed   Index | Next | Previous | View Threaded


michael.griffiths at arc-intl

Jul 27, 2009, 2:25 AM

Post #1 of 12 (1066 views)
Permalink
IT Department having the secure key.
i wish to setup GNUpg for my work (i am the IT Administrator) but i have a
few questions.

First: if the user creates a key and then leaves the company. assuming
he/she didnt tell anyone the pass phrase and was the only key used, are
those files locked for ever?

if this is so my idea was the IT department (i.e. me) create the keys for
all my users and use a complete random password for all, then backup those
keys. then issue them to the user and allow them to change the pass phrase
to something they prefer. then if the user leaves we can use the originally
backed up key with the original password to decrypt the files they
encrypted.

will this work? i know it may sound like a security risk and ruin the whole
point of encrypting in the first place but this is the only way i can think
of safe gaurding the companies data (not users data).

Also have another question.

if a users key is compromised i.e. someone knows their pass phrase. should
the user just change the pass phrase or should a new key be generated? and
if a new key is needed will all the files that were encrypted with the old
key be in danger of be decrypted or be totally useless without the old key?

Sorry if this has been answered before or a dumb question. i am new to this
stuff.
--
View this message in context: http://www.nabble.com/IT-Department-having-the-secure-key.-tp24668288p24668288.html
Sent from the GnuPG - User mailing list archive at Nabble.com.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


michael.griffiths at arc-intl

Jul 26, 2009, 9:26 AM

Post #2 of 12 (1034 views)
Permalink
IT Department having the secure key. [In reply to]
i wish to setup GNUpg for my work (i am the IT Administrator) but i have a
few questions.

First: if the user creates a key and then leaves the company. assuming
he/she didnt tell anyone the pass phrase and was the only key used, are
those files locked for ever?

if this is so my idea was the IT department (i.e. me) create the keys for
all my users and use a complete random password for all, then backup those
keys. then issue them to the user and allow them to change the pass phrase
to something they prefer. then if the user leaves we can use the originally
backed up key with the original password to decrypt the files they
encrypted.

will this work? i know it may sound like a security risk and ruin the whole
point of encrypting in the first place but this is the only way i can think
of safe gaurding the companies data (not users data).

Also have another question.

if a users key is compromised i.e. someone knows their pass phrase. should
the user just change the pass phrase or should a new key be generated? and
if a new key is needed will all the files that were encrypted with the old
key be in danger of be decrypted or be totally useless without the old key?

Sorry if this has been answered before or a dumb question. i am new to this
stuff.
--
View this message in context: http://www.nabble.com/IT-Department-having-the-secure-key.-tp24668288p24668288.html
Sent from the GnuPG - User mailing list archive at Nabble.com.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


ingo.krabbe at eoa

Jul 27, 2009, 3:33 AM

Post #3 of 12 (1023 views)
Permalink
Re: IT Department having the secure key. [In reply to]
On Mon, Jul 27, 2009 at 02:25:05AM -0700, arcintl wrote:
>
> i wish to setup GNUpg for my work (i am the IT Administrator) but i have a
> few questions.

good idea

>
> First: if the user creates a key and then leaves the company. assuming
> he/she didnt tell anyone the pass phrase and was the only key used, are
> those files locked for ever?

Actually those files aren't locked but possibly encrypted, which is most times
even better than deleting them. So noone will have access to them who doesn't
own the key.

> if this is so my idea was the IT department (i.e. me) create the keys for
> all my users and use a complete random password for all, then backup those
> keys. then issue them to the user and allow them to change the pass phrase
> to something they prefer. then if the user leaves we can use the originally
> backed up key with the original password to decrypt the files they
> encrypted.

You have to distinguish two or three things:

1. Passwords and keys. When you use asymmetric encryption, you don't need a
password to decrypt a file, but you need the key (that is actually nothing else
then quite a long password) but: The password or the key that encrypted the file
is another one then you need to decrypt it (asymmetric)
2. You could store the same key multiple times, secured by different passwords,
or even without a password at all. Everyone who has access to the key and the
password to use the key (ofc) can decrypt the data.
3. GnuPG is a distributed system in contrast to SSL Ciphers, that are
assymmetric as well but need a centralized keyserver to prove the validity of
the key.

> will this work? i know it may sound like a security risk and ruin the whole
> point of encrypting in the first place but this is the only way i can think
> of safe gaurding the companies data (not users data).

You should think twice, and then again, of how you store and distribute the keys
and how you secure them. Finally you will get maximum security from GnuPG: But,
as long as you aren't 100% sure what you are doing: Have a backup.

For example the problem is: If you create the keys for your users, you will have
to transfer them to the users, which makes a bit of unsureness of who listens on
the transfer lines.
And: You can only encrypt the files for one key. So only one user will have
access to the files (owns the files), as long as you don't share the keys. For
example you can introduce company wide keys or deparmtement keys and distribute
them to anyone, who should have access.

> Also have another question.
>
> if a users key is compromised i.e. someone knows their pass phrase. should
> the user just change the pass phrase or should a new key be generated? and
> if a new key is needed will all the files that were encrypted with the old
> key be in danger of be decrypted or be totally useless without the old key?

Right. Assumed that you use one key for a group of users and encrypt the file
with this key, if anyone can get access to this key stored for any user, he will
get access to the encrypted files. But you need to have access to both: The key
file and the password. It's like a banking card and the PIN number. If you own
just one of them, you don't have access to the account. But if you can copy the
bank card and you can crack the pin you will have access.

> Sorry if this has been answered before or a dumb question. i am new to this
> stuff.

I hope I could push you somewhat forward with your questions.

bye, ikrabbe

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jrhendri at maine

Jul 27, 2009, 4:52 AM

Post #4 of 12 (1032 views)
Permalink
RE: IT Department having the secure key. [In reply to]
Although it is controversial, look into key escrow.

One possibility is to allow (require via policy?) users to encrypt data to a
single central escrow key (that you store offline) in addition to any other
keys they use. Then if recovery is required, the escrow key can be used to
decrypt the data.

The policies and procedures for use of this *must* be well defined up front.
How and under what circumstances this is used, etc. Otherwise you risk
losing the trust of your users.

One possibility is to encrypt the escrow private key, storing the passphrase
separately from the key so that two parties are required to recover data
(e.g. put the key on a CD or USB stick in one safe, put the passphrase in a
sealed envelope in a different safe)

Just thoughts.

Jim






-----Original Message-----
From: gnupg-users-bounces [at] gnupg [mailto:gnupg-users-bounces [at] gnupg]
On Behalf Of arcintl
Sent: Sunday, July 26, 2009 12:27 PM
To: gnupg-users [at] gnupg
Subject: IT Department having the secure key.


i wish to setup GNUpg for my work (i am the IT Administrator) but i have a
few questions.

First: if the user creates a key and then leaves the company. assuming
he/she didnt tell anyone the pass phrase and was the only key used, are
those files locked for ever?

if this is so my idea was the IT department (i.e. me) create the keys for
all my users and use a complete random password for all, then backup those
keys. then issue them to the user and allow them to change the pass phrase
to something they prefer. then if the user leaves we can use the originally
backed up key with the original password to decrypt the files they
encrypted.

will this work? i know it may sound like a security risk and ruin the whole
point of encrypting in the first place but this is the only way i can think
of safe gaurding the companies data (not users data).

Also have another question.

if a users key is compromised i.e. someone knows their pass phrase. should
the user just change the pass phrase or should a new key be generated? and
if a new key is needed will all the files that were encrypted with the old
key be in danger of be decrypted or be totally useless without the old key?

Sorry if this has been answered before or a dumb question. i am new to this
stuff.
--
View this message in context:
http://www.nabble.com/IT-Department-having-the-secure-key.-tp24668288p246682
88.html
Sent from the GnuPG - User mailing list archive at Nabble.com.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


dkg at fifthhorseman

Jul 27, 2009, 5:29 AM

Post #5 of 12 (1032 views)
Permalink
Re: IT Department having the secure key. [In reply to]
Hi Ingo--

This is a well-thought-out response, but there are some nagging,
nit-picky details that i'm not sure are what you meant:

On 07/27/2009 06:33 AM, Ingo Krabbe wrote:
> 3. GnuPG is a distributed system in contrast to SSL Ciphers, that are
> assymmetric as well but need a centralized keyserver to prove the validity of
> the key.

I think you mean to contrast OpenPGP certificates with X.509
certificates here, not GnuPG with SSL. It is possible to use OpenPGP
certificates with recent versions of TLS under some implementations:

http://tools.ietf.org/html/rfc5081

> For example the problem is: If you create the keys for your users, you will have
> to transfer them to the users, which makes a bit of unsureness of who listens on
> the transfer lines.

If the OP works in a traditional office, then transferring the keys to
the users via a pendrive (or other variation of sneakernet) is a pretty
reasonable way to avoid this concern

> And: You can only encrypt the files for one key. So only one user will have
> access to the files (owns the files), as long as you don't share the keys. For
> example you can introduce company wide keys or deparmtement keys and distribute
> them to anyone, who should have access.

You actually can encrypt files to more than one OpenPGP key, so that
anyone holding any of the recipient keys can decrypt the data. Maybe
this approach would be useful for the OP?

If, as IT administrator, you have the opportunity to configure your
users' ~/.gnupg/gpg.conf, you could add a line like

recipient 0xDEADBEEFDEADBEEF

to specify that all encryptions will automatically be encrypted to a key
that you retain for the kind of emergency recovery scenarios you describe.

--dkg
Attachments: signature.asc (0.87 KB)


rjh at sixdemonbag

Jul 27, 2009, 6:26 AM

Post #6 of 12 (1031 views)
Permalink
Re: IT Department having the secure key. [In reply to]
> One possibility is to allow (require via policy?) users to encrypt
> data to a
> single central escrow key (that you store offline) in addition to
> any other
> keys they use. Then if recovery is required, the escrow key can be
> used to
> decrypt the data.

This sounds quite a bit like the Additional Decryption Key (ADK)
feature of PGP. It's worth noting that (a) PGP's ADK feature is not
quite what people want to believe it is, and (b) is covered by a
software patent held by PGP Corporation. If someone's interested in
pursuing this route, it would be a good idea to speak to a good patent
lawyer.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


ingo.krabbe at eoa

Jul 27, 2009, 6:41 AM

Post #7 of 12 (1033 views)
Permalink
Re: IT Department having the secure key. [In reply to]
On Mon, Jul 27, 2009 at 08:29:10AM -0400, Daniel Kahn Gillmor wrote:
> Hi Ingo--
>
> This is a well-thought-out response, but there are some nagging,
> nit-picky details that i'm not sure are what you meant:
>
> On 07/27/2009 06:33 AM, Ingo Krabbe wrote:
> > 3. GnuPG is a distributed system in contrast to SSL Ciphers, that are
> > assymmetric as well but need a centralized keyserver to prove the validity of
> > the key.
>
> I think you mean to contrast OpenPGP certificates with X.509
> certificates here, not GnuPG with SSL. It is possible to use OpenPGP
> certificates with recent versions of TLS under some implementations:
>
> http://tools.ietf.org/html/rfc5081

Yes, true, I didn't remeber that X.509 early in the morning.

>
> > For example the problem is: If you create the keys for your users, you will have
> > to transfer them to the users, which makes a bit of unsureness of who listens on
> > the transfer lines.
>
> If the OP works in a traditional office, then transferring the keys to
> the users via a pendrive (or other variation of sneakernet) is a pretty
> reasonable way to avoid this concern

True also, I just wanted to mention that transferring keys is something to be
though about.

>
> > And: You can only encrypt the files for one key. So only one user will have
> > access to the files (owns the files), as long as you don't share the keys. For
> > example you can introduce company wide keys or deparmtement keys and distribute
> > them to anyone, who should have access.
>
> You actually can encrypt files to more than one OpenPGP key, so that
> anyone holding any of the recipient keys can decrypt the data. Maybe
> this approach would be useful for the OP?

As far as I know you can keep multiple different encrypted copies of a file, but
one copy of the file will only have one encryption. Assumed that you don't want
to waste space. I just see that you can encrypt for multiple keys, but you will
increase the space needed for the file copy, don't you?

I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients, you will
have a f.txt.gpg that contains f.txt 10 times encrypted in 10 different ways.
Maybe I'm wrong about this point, but I can't think about an encryption strategy
with mixed recipients.

bye, ingo

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


dshaw at JABBERWOCKY

Jul 27, 2009, 7:33 AM

Post #8 of 12 (1029 views)
Permalink
Re: IT Department having the secure key. [In reply to]
On Jul 27, 2009, at 5:25 AM, arcintl wrote:

> i wish to setup GNUpg for my work (i am the IT Administrator) but i
> have a
> few questions.
>
> First: if the user creates a key and then leaves the company. assuming
> he/she didnt tell anyone the pass phrase and was the only key used,
> are
> those files locked for ever?

If "locked" you mean "unavailable to anyone other than a keyholder"
then yes, they are effectively locked forever.

(Assuming you mean that the user actually encrypted the files - just
creating a key doesn't encrypt files, of course).

> if this is so my idea was the IT department (i.e. me) create the
> keys for
> all my users and use a complete random password for all, then backup
> those
> keys. then issue them to the user and allow them to change the pass
> phrase
> to something they prefer. then if the user leaves we can use the
> originally
> backed up key with the original password to decrypt the files they
> encrypted.
>
> will this work? i know it may sound like a security risk and ruin
> the whole
> point of encrypting in the first place but this is the only way i
> can think
> of safe gaurding the companies data (not users data).

This will work (it's basically key escrow). It's a risk (keep track
of your backups!), but everything carries some level of risk. The
trick is to manage your level of risk to what you are comfortable with.

Note that schemes like this presume an honest user from the start.
They are not effective against a malicious employe who wants to cause
harm (which is not necessarily an issue, but worth mentioning).

> Also have another question.
>
> if a users key is compromised i.e. someone knows their pass phrase.
> should
> the user just change the pass phrase or should a new key be generated?

It depends. If only the passphrase is compromised (i.e. the attacker
didn't get the key file also) then changing the passphrase is
sufficient. If the attacker got both the key and the passphrase, then
a new key must be generated. The problem here (alas) is that it is
often difficult to tell whether an attacker got just the passphrase,
just the key file, or both. It's often easier and more prudent to
assume that if the attacker got anything, they got both.

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


dshaw at JABBERWOCKY

Jul 27, 2009, 7:34 AM

Post #9 of 12 (1030 views)
Permalink
Re: IT Department having the secure key. [In reply to]
On Jul 27, 2009, at 8:29 AM, Daniel Kahn Gillmor wrote:

>> And: You can only encrypt the files for one key. So only one user
>> will have
>> access to the files (owns the files), as long as you don't share
>> the keys. For
>> example you can introduce company wide keys or deparmtement keys
>> and distribute
>> them to anyone, who should have access.
>
> You actually can encrypt files to more than one OpenPGP key, so that
> anyone holding any of the recipient keys can decrypt the data. Maybe
> this approach would be useful for the OP?
>
> If, as IT administrator, you have the opportunity to configure your
> users' ~/.gnupg/gpg.conf, you could add a line like
>
> recipient 0xDEADBEEFDEADBEEF
>
> to specify that all encryptions will automatically be encrypted to a
> key
> that you retain for the kind of emergency recovery scenarios you
> describe.

I'd use "encrypt-to" instead of "recipient", but basically, yes, that
will work. It's a reasonably common solution for the problem.

This is similar in effect to PGP.com's additional decryption key (the
ADK has better granularity as it works on a per-key basis, but the
concept is the same). However, note that this (and the ADK) both are
only really effective with an honest user. If a user wants to
manipulate their key to remove the ADK (which is trivial) or edit
their gpg.conf to remove the extra encrypt-to line, then you'd need a
more central (and not under user control) way to guard against
trouble. For example, if we're just talking about email, you could
tweak your mail server to check to see if the extra recipient was
present and if not, reject the message, etc. I believe the PGP folks
have some variant of this ability, but you'd have to ask them for the
details.

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


dshaw at jabberwocky

Jul 27, 2009, 7:49 AM

Post #10 of 12 (1030 views)
Permalink
Re: IT Department having the secure key. [In reply to]
Somehow this thread mutated into being on both gnupg-devel and gnupg-
users. I'm only replying to gnupg-users. Let's try to keep it on one
list.

On Jul 27, 2009, at 9:41 AM, Ingo Krabbe wrote:

>> You actually can encrypt files to more than one OpenPGP key, so that
>> anyone holding any of the recipient keys can decrypt the data. Maybe
>> this approach would be useful for the OP?
>
> As far as I know you can keep multiple different encrypted copies of
> a file, but
> one copy of the file will only have one encryption. Assumed that
> you don't want
> to waste space. I just see that you can encrypt for multiple keys,
> but you will
> increase the space needed for the file copy, don't you?
>
> I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients,
> you will
> have a f.txt.gpg that contains f.txt 10 times encrypted in 10
> different ways.
> Maybe I'm wrong about this point, but I can't think about an
> encryption strategy
> with mixed recipients.

OpenPGP supports multiple recipients. 10 recipients do not require
10x the space of 1 recipient, instead, you end up with a single
encryption of the data, and then a small encrypted session key per
recipient. So encrypting to 10 recipients is a bit larger than
encrypting to 1 recipient, but it is nowhere near as large as
encrypting to 10 recipients individually. Any of the recipients can
decrypt the data.

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


dkg at fifthhorseman

Jul 27, 2009, 7:54 AM

Post #11 of 12 (1017 views)
Permalink
Re: IT Department having the secure key. [In reply to]
On 07/27/2009 09:41 AM, Ingo Krabbe wrote:
> I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients, you will
> have a f.txt.gpg that contains f.txt 10 times encrypted in 10 different ways.
> Maybe I'm wrong about this point, but I can't think about an encryption strategy
> with mixed recipients.

I believe the way that it works is that the content of the file is
encrypted with a symmetric cipher (against a randomly-generated session
key). Then, the session key itself is encrypted to the relevant
asymmetric key, and placed in a "Public-Key Encrypted Session Key Packet":

http://tools.ietf.org/html/rfc4880#section-5.1

So if you encrypt a file to multiple public keys, the encrypted data
only grows by the size of one additional Public-Key Encrypted Session
Key Packet per recipient (about 0.5KB, depending on the algorithms
used). If you're encrypting a 500K file, an extra ESK packet isn't much
overhead.

--dkg
Attachments: signature.asc (0.87 KB)


faramir.cl at gmail

Jul 27, 2009, 10:50 AM

Post #12 of 12 (1025 views)
Permalink
Re: IT Department having the secure key. [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

arcintl escribió:
...
> First: if the user creates a key and then leaves the company. assuming
> he/she didnt tell anyone the pass phrase and was the only key used, are
> those files locked for ever?

Right, without access to the secret key, it is not possible to decrypt
the files.

> if this is so my idea was the IT department (i.e. me) create the keys for
> all my users and use a complete random password for all, then backup those
> keys. then issue them to the user and allow them to change the pass phrase
> to something they prefer. then if the user leaves we can use the originally
> backed up key with the original password to decrypt the files they
> encrypted.

I think that is called key escrow. To prevent abuse on the backup,
maybe you can keep it encrypted with symmetric encryption, and maybe use
a secret sharing scheme, like Shamir's Secret Sharing Scheme

Take a look at http://point-at-infinity.org/ssss/ and at
http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing

> will this work? i know it may sound like a security risk and ruin the whole
> point of encrypting in the first place but this is the only way i can think
> of safe gaurding the companies data (not users data).

Well, I think while the backup is stored safely, it would not be too
risky... but what if the one knowing the passphrase of the backup leaves
the company? That's why I suggested using something like SSSS.


> Also have another question.
>
> if a users key is compromised i.e. someone knows their pass phrase. should
> the user just change the pass phrase or should a new key be generated? and
> if a new key is needed will all the files that were encrypted with the old
> key be in danger of be decrypted or be totally useless without the old key?

I think (but I may be wrong) that it is suggested to revoke the key
and generate a new one, just in case.

By the way, it is a good idea to don't delete revoked keys, they will
be needed to decrypt files (or messages) encrypted to that old key...

Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJKbejTAAoJEMV4f6PvczxAEzEH/3loCsEgj053rh7dczJ6Anpl
rVM8hRjbYuRReCbUx7KUrMyXJ3I5uB3I2k3xOE3a0q0VnGgdsG7IAxqdJrJLk+w/
gJBbk+y+3lCGoQu+McbMUwu00e5zQ5uRWGReeuyqCTOrQgFo1I5qzG0hC0L5UAw8
wu0SM5u4fhX7YTnrKOyK3Z5yE3LXWI5C0UT4CL9wJoVeYqPdYVuLyduRKRUdegUj
/5aBUSiMnq4QLeQfxlLu4DO8MWL5cd9VyiY7loBxNKklhInhWfmclm1UebuRJzj/
mMM2uVjBBzaLQ7HJKvPSGwoLcZ+bJjlUdtDxPHgPY3TTjIxiokRtgA/sBKPbDc0=
=wwTp
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.