[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encryption of EGO keys

From: Schanzenbach, Martin
Subject: Re: Encryption of EGO keys
Date: Thu, 2 Jul 2020 17:43:44 +0200

> On 2. Jul 2020, at 11:36, Christian Grothoff <> wrote:
> Hi Jacki,
> The reason is simple: encrypting these files is pretty ineffective (and
> of course inconvenient for the user). If a process is running under your
> UID, it can most likely attach to your other processes (grabbing the
> keys after decryption), or monitor your keystrokes (say via X11) to
> intercept the passphrase as you enter it. So this type of encryption at
> best makes it a bit harder for the attacker, and only effectively limits
> attacks against keys that are not being used during the time of
> compromise. These weak benefits from encrypting individual files hardly
> outweigh the loss of usability from having yet another passphrase. We of
> course recommend that users do use full-disk encryption, but that mostly
> to protect against losses in case their device is stolen.

That would also be my knee-jerk response. However, some time ago I also
thought that it would be nice to have key storage "backends" such that you
could have hardware tokens (or plain USB keys) storing your identities/keys.

That would allow you to more easily transfer and use keys across devices.

In any case I think what jackie suggests is that the key backend would
support "plain" and "gpg encrypted". Similar to how you can setup mutt
for your imap passwords.
That would also be possible, but with less obvious advantages.

May be a nice GSoC project as well?


> If for some application you want to use a password for additional
> protection, I suggest to consider using the GNS trick of reading the Ego
> and then multiplying the public/private keys with the password to derive
> a new public-private key pair, and then to use that for authentication.
> That even ensures that an attacker cannot do an offline brute-force
> attack against the password.
> Happy hacking!
> Christian
> On 7/1/20 4:29 PM, TheJackiMonster wrote:
>> Hello there,
>> I have a question about using the EGO keys. I was thinking about using
>> them for authentication in the CADET chat but I have a problem with the
>> current handling of these keys.
>> The files are basically unencrypted on the local drive which is
>> definitely convenient but could potentially be a problem depending on
>> applications running on the system.
>> For example if I wanted to develop a remote control application with
>> GNUNET for supporting assistance and some other tasks. I would like to
>> have at least the possibility to encrypt those EGO keys with a password
>> using symmetric keys.
>> I guess I could do that manually on the files but my question is: Why
>> isn't there an automatic way using the GNUNET API to do so? I mean it
>> could be optional because I also see the benefits of raw access and
>> many (if not most) people use encryption for their drive anyway.
>> But without this feature I would still prefer using GpGMe for handling
>> identities instead of EGO because GpG allows it optionally even though
>> I would like to reduce dependencies as well.
>> -Jacki
> <0x939E6BE1E29FC3CC.asc>

Attachment: signature.asc
Description: Message signed with OpenPGP

reply via email to

[Prev in Thread] Current Thread [Next in Thread]