Re: hiding encryption keys
Date: Sun, 14 Aug 2005 11:03:20 +1000
Joseph Ashwood wrote:
> <Crypto@S.M.S> wrote in message news:firstname.lastname@example.org...
>>Joseph Ashwood wrote:
>>><email@example.com> wrote in message
>>>>I am in discussions with a vendor regarding the storing of encryption
>>>>keys on systems that exchange information through an application. The
>>>>vendor is advising against storing the keys in the registry and
>>>>suggests hiding them somewhere in the filesystem. They suggest that
>>>>the registry is the first place an attacker would look.
>>>>The systems are open to the public internet and web traffic. If the
>>>>keys need to be accessible to the system somewhere locally, which would
>>>>be a better place to store the keys and why? I would think the
>>>>registry would be safer than the file system. Thanks in advance.
>>>I'll agree with Unruh that the situation is not at it's best.
>>>IIRC correctly it is easier to protect something in the windows registry
>>>by using the encrypted interfaces, but IIRC these are broken so the extra
>>>security is minimal at best. The typical way of creating a system that
>>>has the potential to be secure is to store Encrypt(User_key,
>>>encryption_keys) (i.e. encryption_keys encrypted with the User_key), then
>>>require that the user enter the User_key, this is a very simplified (e.g.
>>>has holes) version of what PGP does, where the storage occurs actually
>>>becomes generally irrelevant.
>>>To have something secure requires secure storage of some kind, whether
>>>that is hardware or the human brain is a potentially very complex design
>>Didn't you say that people can not remember pass phrases?
>>And now you refer to the human brain as secure storage?
> What I said was the people make bad storage devices for large quantities of
> entropy. Each individual has a limit to the amount of entropy they can
> memorize, if each individual can memorize say 120-bits, then each passphrase
> they memorize can only have 120/n bits of entropy (on average) where n is
> the number of passphrases. For a single passphrase this would deliver
> 120-bits of entropy, more than enough to be secure, with 3 passphrase it
> would mean a strength of only 40-bits far below what is needed for security.
120 bits seems like a very low limit.
How are you defining this "amount of entropy they can memorize"?
It seems we disagree on memorisation skills.