Re: PGP

From: Matthew Pemble (mpemble@isintegration.com)
Date: 08/29/01


From: "Matthew Pemble" <mpemble@isintegration.com>
To: <security-basics@securityfocus.com>
Subject: Re: PGP
Date: Wed, 29 Aug 2001 09:22:00 +0100
Message-ID: <000a01c13063$acb7b260$0a02a8c0@pemble.net>


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mike,

A further note or two:

The hybrid cryptosystem in PGP has been well explained by a couple of
people - the reason for doing it this way, rather than the logically
simpler use of pure PKI is that PKI is very processor intensive. PGP
is not a new program and CPU cycles were more important when Phil was a
lad! It is much quicker to PK encrypt a small (128 or 256 bit)
symmetric key and use that to encrypt the possibly lengthy message and
attachments.

Your original query regarded embedding your public key in the message.
This is not necessarily a good idea, as it opens up "man in the middle"
attacks.

We accept that it is trivial to spoof email headers and send claiming
to be anyone, this is why we have the concept of the digital signature.
 However, it is also trivial to generate a PGP key for any email
address. If you rely on an key embedded in a message, you cannot be
sure that that key was actually generated by the person "owning" the
email address, rather than a clever forger.

You should always try to obtain keys from a separate source - "out of
band", and, before you rely on them for anything serious, check the key
fingerprint with the putative owner. If the key is signed by enough
people you do trust, you may wish to be a little less paranoid.

- --

Matthew Pemble

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO4ymJWrvMjpl5yaUEQLXNACgytlkLDFjzCT5feh0iMzmhJlD0LoAoJCL
lsP+OFqABZnzLgHmgAqAU4k2
=znv/
-----END PGP SIGNATURE-----