Posted by Bob Jonkman on 25th March 2014
Never Eat That Green Food At The Back Of The Fridge
Never Trust Anyone Over Thirty
and
Never Sign A GnuPG/PGP Key That’s Older Than You Are
Looking for green food at the back of the fridge
OK, only one of those is true, and it’s not the last one. At the University of Waterloo
Keysigning Party last fall, some of the people signing my key were younger than the key they were signing!
At the keysigning I was having a discussion with someone about key lengths. In particular, choosing 4096 bits instead of 2048. I was reading that GnuPG has a limit of 4096 bits, but that 4096 should be enough for all time to come.
I’ve read online that GnuPG does actually support larger key sizes but that there is a const in the source code limiting it to 4096. The reasons for doing so are supposedly speed, 4096 would be very slow to generate and use, and comparability with other implementations that may not support larger keys. Personally I think it’s an inevitability that this will be increased in time but we’re not there yet.
In 1996 when I started with PGP a 1024 bit key was considered adequate, by 1999 a 2048 bit key was still considered large.
Consider Moore’s Law: every 18 months computing capacity doubles and costs halve. I’m not sure if that means that over 18 months x flops increases to 2x flops at the same price, or that in 18 months the cost of x flops is half of today’s cost, or if it means that in 18 months the cost of 2x flops will be half the cost of x flops today. If the latter, then today’s x flops/$ is x/4 flops/$ in 18 months. That factor of four is an increase of two bits every 18 months, or four bits every 3 years.
So, the cost in 1996 to brute-force crack a 1024 bit key is the same as the cost in 1999 to crack a 1028 bit key. And in 2014, 18 years later, it’s the same cost as cracking a 1048 bit key (an additional 24 bits).
An increase in key size from 1024 bits to 2048 bits buys an additional 768 years of Moore’s Law. And going from 2048 bits to 4096 bits buys an additional 1536 years of Moore’s Law.
Is Moore’s Law overestimating the cost of cracking keys? Are there fundamental advances in math that have dropped the cost of cracking 1024 bit keys to near-zero? What’s the economic justification for crippling keysizes in GnuPG, anyway?
–Bob, who is not trolling but really wants to know.
Tags: brute force, cost, Crypto, GnuPG, green food, Jason Rogers, keys, keysigning party, Moore's Law, pgp, University of Waterloo
Posted in PGP/GPG | 1 Comment »
Posted by Bob Jonkman on 24th November 2013
Cryptoparty like it’s 31 December 1983!
At the
next KWLUG meeting on Monday, 2 December 2013 I’ll be demonstrating how to do e-mail encryption with Thunderbird and Enigmail. If you’ve never used e-mail encryption before then bring a laptop, and we’ll create keys and learn how to use them. We’ll save the lesson with
pointy sticks for another day.
For those people who already have GnuPG/PGP keys I’m also hosting a Formal Keysigning. Participants will introduce themselves, read their GnuPG key fingerprint, then anyone else is invited to vouch for that person:
Bob: “I’m Bob Jonkman, and my GnuPG fingerprint is 04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA”
Andrew: “I’ve known Bob since the early days, and that’s really him”
This is a great way to expand your Web Of Trust to include people whose keys you might not otherwise sign (because you don’t know them very well, or they only have ID issued by an authority you don’t like). With all these introductions and vouchings the chance of someone misrepresenting their identity is vanishingly small, so you can trust that the key fingerprint they read is really associated with that person.
To make this process go smoothly I’d like to have a printout of all the participants’ keyIDs, UserIDs, and key fingerprints, which I’ll distribute at the keysigning. That way you can just check off each name/keyID/fingerprint as people read them, and then sign their keys later at your leisure. But to get that printout I’ll need the public key of anyone who would like to participate in the keysigning.
If you’re using Thunderbird and Enigmail then open the Key Management window, right-click on your key and select “Send Public Keys by E-mail”, and send it to me ( bjonkman@sobac.com )
If you’re a command-line weenie then use
gpg --export 0xYOURKEYID > 0xYOURKEYID-public-key-for-YOURNAME.pgp
and send that file 0xYOURKEYID-public-key-for-YOURNAME.pgp to me (substitute your actual keyID and actual name as needed).
Of course, I’d prefer signed, encrypted e-mail, but public keys are public (so encryption isn’t necessary), and public keys should already be self-signed anyway.
Unfortunately, if you’re creating your keys for the first time at the meeting you won’t be able to send me anything now. You can still participate in the vouching process, and we’ll have an informal keysigning after the formal keysigning, where all you need to do is read your fingerprint straight from your computer and those people who already know you can sign your key.
I’m still working on the procedures for the formal keysigning; you can see the work in progress (and contribute!) on the Formal Keysigning page on the Wiki.
Thanx, and hope to see you on Monday, 2 December 2013!
–Bob, who is the Keymaster. Who will be the Gatekeeper?
The Cryptoparty keypair logo from the Cryptoparty Artwork repository on GitHub is available in the 
Public Domain.
Tags: Crypto, e-mail, encryption, Enigmail, fingerprint, gatekeeper, GNU Privacy Guard, GnuPG, identity, introduction, keymaster, keysigning, keysigning party, KWLUG, pgp, Pretty Good Privacy, procedure, Thunderbird, vouch, web of trust
Posted in email, PGP/GPG, privacy | Comments Off on Preparing for the Keysigning Cryptoparty, 2 Dec 2013
Posted by Bob Jonkman on 9th October 2013
The months of October and November are shaping up to have some great lectures and presentations on cryptography, security and privacy.
Keysigning materials
Yesterday started off with an informal keysigning at the KWLUG meeting. The presentation was on the Scratch programming environment, nothing to do with GnuPG/PGP or cryptography. But a few of us exchanged little slips of paper with our key fingerprints, verified that the name with the fingerprint matched the person we knew, signed the keys, and so improved our standing in the Web of Trust. I hope that this becomes a regular part of all KWLUG meetings. The more people that participate, the more confident we can be about the validity of keys we may not have verified ourselves.
Today I attended the first UofW CSClub lecture on Security and Privacy by Sarah Harvey. If you’ve been following the news about the Snowden revelations you’ll know why security and privacy is important. The room was full of computer science, math and cryptography students, so the discussions were deep and technical.
Sarah Harvey shows a slide of Edward Snowden
There was a vacancy in the November KWLUG meeting so I asked Sarah if she would repeat her lecture. Let’s see what the KWLUG bosses have to say…
There are more CSClub lectures scheduled, check the schedule on the CSClub site.
KWCrypto logo, the M-209 cipher machine
I’ve volunteered to do a presentation on Encrypting E-mail with GnuPG, Thunderbird and Enigmail, followed by a formal keysigning. I’m developing the presentation notes and keysigning procedure on the KWCrypto Interest Group Wiki that was set up after the Kwartzlab keysigning party last year. Please join me on the Wiki and the mailing list — I’d appreciate the help.
–Bob.
Tags: computer science, Computer Science Club, Crypto, cryptography, CSClub, Enigmail, GNU Privacy Guard, GnuPG, keysigning, Kitchener, KWCrypto, KWLUG, Linux, mailing list, math, pgp, Pretty Good Privacy, privacy, Sarah Harvey, security, Thunderbird, University of Waterloo, Waterloo, wiki
Posted in PGP/GPG, privacy, security | Comments Off on Cryptography and Security Events in Kitchener-Waterloo
PoliBlog
WatCamp
CC BY license.
Creative Commons – Attribution-ShareAlike 2.0 Generic – CC BY-SA 2.0